mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
f53430c0b4
commit
1accb17bc3
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The Radius configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4543-98220-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4543-98220-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4543-98220-1.html"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The DNS configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The DNS configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4544-0a409-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4544-0a409-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4544-0a409-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The LDAP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The LDAP configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4547-88e43-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4547-88e43-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4547-88e43-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The UEFI configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The UEFI configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4548-7a2c6-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4548-7a2c6-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4548-7a2c6-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Media support configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4549-c97ba-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4549-c97ba-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4549-c97ba-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Audit log configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4550-5ee8c-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4550-5ee8c-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4550-5ee8c-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Remote video configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4551-5dd2f-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4551-5dd2f-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4551-5dd2f-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Web Service configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The Web Service configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4552-5b2c4-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4552-5b2c4-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4552-5b2c4-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Web License configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4553-06ae2-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4553-06ae2-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4553-06ae2-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The Active Directory configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4554-10a74-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4554-10a74-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4554-10a74-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (ActiveX configuration-1 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4555-3c7c3-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4555-3c7c3-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4555-3c7c3-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (ActiveX configuration-2 acquisition) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4556-ece3d-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4556-ece3d-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4556-ece3d-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4557-1019f-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4557-1019f-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4557-1019f-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
"DATE_PUBLIC": "2021-04-06T02:48:00.000Z",
|
||||
"ID": "CVE-2021-28188",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "ASUS BMC's firmware: buffer overflow - Modify user’s information function"
|
||||
"TITLE": "ASUS BMC's firmware: buffer overflow - Modify user\u2019s information function"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Modify user\u2019s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4558-ad16e-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4558-ad16e-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4558-ad16e-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The SMTP configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4559-ad2b5-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4559-ad2b5-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4559-ad2b5-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Generate new certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4560-2f01f-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4560-2f01f-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4560-2f01f-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Firmware update function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The Firmware update function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4561-062d0-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4561-062d0-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4561-062d0-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Remote video storage function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Remote video storage function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4562-4b207-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4562-4b207-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4562-4b207-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The SMTP configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4563-e4092-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4563-e4092-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4563-e4092-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Remote image configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Remote image configuration setting) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4564-7ef3d-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4564-7ef3d-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4564-7ef3d-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Radius configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The Radius configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4565-59c97-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4565-59c97-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4565-59c97-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Generate SSL certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Generate SSL certificate function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4566-9154b-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4566-9154b-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4566-9154b-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Active Directory configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The Active Directory configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4567-34350-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4567-34350-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4567-34350-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Firmware protocol configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The Firmware protocol configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4568-627f7-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4568-627f7-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4568-627f7-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
"DATE_PUBLIC": "2021-04-06T02:48:00.000Z",
|
||||
"ID": "CVE-2021-28199",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "ASUS BMC's firmware: buffer overflow - Modify user’s information function"
|
||||
"TITLE": "ASUS BMC's firmware: buffer overflow - Modify user\u2019s information function"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Modify user\u2019s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4569-6b391-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4569-6b391-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4569-6b391-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The CD media configuration function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4570-4d216-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4570-4d216-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4570-4d216-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The Service configuration-1 function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4571-d454c-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4571-d454c-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4571-d454c-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
"value": "The Service configuration-2 function in ASUS BMC\u2019s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privileged permission, remote attackers use the leakage to abnormally terminate the Web service."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4571-d454c-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4571-d454c-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4571-d454c-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary."
|
||||
"value": "The Web Set Media Image function in ASUS BMC\u2019s firmware Web management page does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4573-aa336-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4573-aa336-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4573-aa336-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -5,7 +5,7 @@
|
||||
"DATE_PUBLIC": "2021-04-06T02:48:00.000Z",
|
||||
"ID": "CVE-2021-28204",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "ASUS BMC's firmware: command injection - Modify user’s information function"
|
||||
"TITLE": "ASUS BMC's firmware: command injection - Modify user\u2019s information function"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Modify user\u2019s information function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command injection to execute command arbitrary."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4574-b61a6-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4574-b61a6-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4574-b61a6-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -60,7 +60,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Delete SOL video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,16 +98,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4575-2e32d-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4575-2e32d-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4575-2e32d-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4576-422ac-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4576-422ac-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4576-422ac-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Get Help file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4577-60153-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4577-60153-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4577-60153-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Get video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4578-e5d74-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4578-e5d74-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4578-e5d74-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -468,7 +468,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
"value": "The specific function in ASUS BMC\u2019s firmware Web management page (Delete video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use the means of path traversal to access system files."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -506,16 +506,19 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4579-c8827-1.html"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/",
|
||||
"name": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/content/ASUS-Product-Security-Advisory/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.asus.com/tw/support/callus/",
|
||||
"name": "https://www.asus.com/tw/support/callus/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.asus.com/tw/support/callus/"
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.twcert.org.tw/tw/cp-132-4579-c8827-1.html",
|
||||
"name": "https://www.twcert.org.tw/tw/cp-132-4579-c8827-1.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
18
2021/30xxx/CVE-2021-30148.json
Normal file
18
2021/30xxx/CVE-2021-30148.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-30148",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
62
2021/30xxx/CVE-2021-30149.json
Normal file
62
2021/30xxx/CVE-2021-30149.json
Normal file
@ -0,0 +1,62 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2021-30149",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Composr 10.0.36 allows upload and execution of PHP files."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://gitlab.com/composr-foundation/composr/commit/a71c44e03",
|
||||
"refsource": "MISC",
|
||||
"name": "https://gitlab.com/composr-foundation/composr/commit/a71c44e03"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
62
2021/30xxx/CVE-2021-30150.json
Normal file
62
2021/30xxx/CVE-2021-30150.json
Normal file
@ -0,0 +1,62 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2021-30150",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Composr 10.0.36 allows XSS in an XML script."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://gitlab.com/composr-foundation/composr/commit/833a06466",
|
||||
"refsource": "MISC",
|
||||
"name": "https://gitlab.com/composr-foundation/composr/commit/833a06466"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
62
2021/30xxx/CVE-2021-30151.json
Normal file
62
2021/30xxx/CVE-2021-30151.json
Normal file
@ -0,0 +1,62 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"ID": "CVE-2021-30151",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Sidekiq through 5.1.3 and 6.x through 6.2.0 allows XSS via the queue name of the live-poll feature when Internet Explorer is used."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://github.com/mperham/sidekiq/issues/4852",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/mperham/sidekiq/issues/4852"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user