"-Synchronized-Data."

2025-07-30 18:04:30 +00:00 · 2022-10-19 16:00:49 +00:00 · 2022-10-19 16:00:49 +00:00 · 1e283e5ff9
commit 1e283e5ff9
parent 5cafb0aeda
37 changed files with 169 additions and 124 deletions
--- a/2022/3xxx/CVE-2022-3569.json
+++ b/2022/3xxx/CVE-2022-3569.json
@ -1,96 +1,101 @@
 {
-  "data_type": "CVE",
-  "data_format": "MITRE",
-  "data_version": "4.0",
-  "generator": {
-    "engine": "Vulnogram 0.0.9"
-  },
-  "CVE_data_meta": {
-    "ID": "CVE-2022-3569",
-    "ASSIGNER": "cve@rapid7.com",
-    "DATE_PUBLIC": "2022-10-13T12:41:00.000Z",
-    "TITLE": "",
-    "AKA": "",
-    "STATE": "PUBLIC"
-  },
-  "source": {
-    "defect": [],
-    "advisory": "",
-    "discovery": "EXTERNAL"
-  },
-  "affects": {
-    "vendor": {
-      "vendor_data": [
-        {
-          "vendor_name": "Synacor",
-          "product": {
-            "product_data": [
-              {
-                "product_name": "Zimbra Collaboration Suite (ZCS)",
-                "version": {
-                  "version_data": [
-                    {
-                      "version_name": "9.0.0",
-                      "version_affected": "<=",
-                      "version_value": "9.0.0",
-                      "platform": ""
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "generator": {
+        "engine": "Vulnogram 0.0.9"
+    },
+    "CVE_data_meta": {
+        "ID": "CVE-2022-3569",
+        "ASSIGNER": "cve@rapid7.com",
+        "DATE_PUBLIC": "2022-10-13T12:41:00.000Z",
+        "TITLE": "",
+        "AKA": "",
+        "STATE": "PUBLIC"
+    },
+    "source": {
+        "defect": [],
+        "advisory": "",
+        "discovery": "EXTERNAL"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Synacor",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Zimbra Collaboration Suite (ZCS)",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_name": "9.0.0",
+                                            "version_affected": "<=",
+                                            "version_value": "9.0.0",
+                                            "platform": ""
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
                    }
-                  ]
                }
-              }
            ]
-          }
        }
-      ]
-    }
-  },
-  "problemtype": {
-    "problemtype_data": [
-      {
-        "description": [
-          {
-            "lang": "eng",
-            "value": "CWE-271 Privilege Dropping / Lowering Errors"
-          }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-271 Privilege Dropping / Lowering Errors"
+                    }
+                ]
+            }
        ]
-      }
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'."
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "url": "https://twitter.com/ldsopreload/status/1580539318879547392",
+                "name": "https://twitter.com/ldsopreload/status/1580539318879547392"
+            },
+            {
+                "refsource": "MISC",
+                "url": "https://github.com/rapid7/metasploit-framework/pull/17141",
+                "name": "https://github.com/rapid7/metasploit-framework/pull/17141"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/169430/Zimbra-Privilege-Escalation.html",
+                "url": "http://packetstormsecurity.com/files/169430/Zimbra-Privilege-Escalation.html"
+            }
+        ]
+    },
+    "configuration": [],
+    "exploit": [
+        {
+            "lang": "eng",
+            "value": "A public Metasploit module exists for this issue."
+        }
+    ],
+    "work_around": [],
+    "solution": [],
+    "credit": [
+        {
+            "lang": "eng",
+            "value": "Originally reported by Twitter user @ldsopreload, validated by Ron Bowes of Rapid7"
+        }
    ]
-  },
-  "description": {
-    "description_data": [
-      {
-        "lang": "eng",
-        "value": "Due to an issue with incorrect sudo permissions, Zimbra Collaboration Suite (ZCS) suffers from a local privilege escalation issue in versions 9.0.0 and prior, where the 'zimbra' user can effectively coerce postfix into running arbitrary commands as 'root'."
-      }
-    ]
-  },
-  "references": {
-    "reference_data": [
-      {
-        "refsource": "MISC",
-        "url": "https://twitter.com/ldsopreload/status/1580539318879547392",
-        "name": "https://twitter.com/ldsopreload/status/1580539318879547392"
-      },
-      {
-        "refsource": "MISC",
-        "url": "https://github.com/rapid7/metasploit-framework/pull/17141",
-        "name": "https://github.com/rapid7/metasploit-framework/pull/17141"
-      }
-    ]
-  },
-  "configuration": [],
-  "exploit": [
-    {
-      "lang": "eng",
-      "value": "A public Metasploit module exists for this issue."
-    }
-  ],
-  "work_around": [],
-  "solution": [],
-  "credit": [
-    {
-      "lang": "eng",
-      "value": "Originally reported by Twitter user @ldsopreload, validated by Ron Bowes of Rapid7"
-    }
-  ]
-}
+}
--- a/2022/40xxx/CVE-2022-40684.json
+++ b/2022/40xxx/CVE-2022-40684.json
@ -64,6 +64,11 @@
                "refsource": "CONFIRM",
                "name": "https://fortiguard.com/psirt/FG-IR-22-377",
                "url": "https://fortiguard.com/psirt/FG-IR-22-377"
+            },
+            {
+                "refsource": "MISC",
+                "name": "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html",
+                "url": "http://packetstormsecurity.com/files/169431/Fortinet-FortiOS-FortiProxy-FortiSwitchManager-Authentication-Bypass.html"
            }
        ]
    },
--- a/2022/43xxx/CVE-2022-43401.json
+++ b/2022/43xxx/CVE-2022-43401.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43401",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43402.json
+++ b/2022/43xxx/CVE-2022-43402.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43402",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43403.json
+++ b/2022/43xxx/CVE-2022-43403.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43403",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43404.json
+++ b/2022/43xxx/CVE-2022-43404.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43404",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43405.json
+++ b/2022/43xxx/CVE-2022-43405.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43405",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43406.json
+++ b/2022/43xxx/CVE-2022-43406.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43406",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43407.json
+++ b/2022/43xxx/CVE-2022-43407.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43407",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43408.json
+++ b/2022/43xxx/CVE-2022-43408.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43408",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43409.json
+++ b/2022/43xxx/CVE-2022-43409.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43409",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43410.json
+++ b/2022/43xxx/CVE-2022-43410.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43410",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43411.json
+++ b/2022/43xxx/CVE-2022-43411.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43411",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43412.json
+++ b/2022/43xxx/CVE-2022-43412.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43412",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43413.json
+++ b/2022/43xxx/CVE-2022-43413.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43413",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43414.json
+++ b/2022/43xxx/CVE-2022-43414.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43414",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43415.json
+++ b/2022/43xxx/CVE-2022-43415.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43415",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43416.json
+++ b/2022/43xxx/CVE-2022-43416.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43416",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43417.json
+++ b/2022/43xxx/CVE-2022-43417.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43417",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43418.json
+++ b/2022/43xxx/CVE-2022-43418.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43418",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43419.json
+++ b/2022/43xxx/CVE-2022-43419.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43419",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43420.json
+++ b/2022/43xxx/CVE-2022-43420.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43420",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43421.json
+++ b/2022/43xxx/CVE-2022-43421.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43421",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43422.json
+++ b/2022/43xxx/CVE-2022-43422.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43422",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43423.json
+++ b/2022/43xxx/CVE-2022-43423.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43423",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43424.json
+++ b/2022/43xxx/CVE-2022-43424.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43424",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43425.json
+++ b/2022/43xxx/CVE-2022-43425.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43425",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43426.json
+++ b/2022/43xxx/CVE-2022-43426.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43426",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43427.json
+++ b/2022/43xxx/CVE-2022-43427.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43427",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43428.json
+++ b/2022/43xxx/CVE-2022-43428.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43428",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43429.json
+++ b/2022/43xxx/CVE-2022-43429.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43429",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43430.json
+++ b/2022/43xxx/CVE-2022-43430.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43430",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43431.json
+++ b/2022/43xxx/CVE-2022-43431.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43431",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43432.json
+++ b/2022/43xxx/CVE-2022-43432.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43432",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43433.json
+++ b/2022/43xxx/CVE-2022-43433.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43433",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43434.json
+++ b/2022/43xxx/CVE-2022-43434.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43434",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
--- a/2022/43xxx/CVE-2022-43435.json
+++ b/2022/43xxx/CVE-2022-43435.json
@ -1,7 +1,8 @@
 {
    "CVE_data_meta": {
        "ID": "CVE-2022-43435",
-        "ASSIGNER": "jenkinsci-cert@googlegroups.com"
+        "ASSIGNER": "jenkinsci-cert@googlegroups.com",
+        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {