admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-04-13 14:00:44 +00:00
parent 37f48c68c3
commit 23055ec489
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
16 changed files with 627 additions and 377 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2020/24xxx/CVE-2020-24135.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/9",
"url": "https://github.com/vedees/wcms/issues/9"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24135.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24135.md"
}
]
}

5
2020/24xxx/CVE-2020-24136.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/12",
"url": "https://github.com/vedees/wcms/issues/12"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24136.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24136.md"
}
]
}

5
2020/24xxx/CVE-2020-24137.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/7",
"url": "https://github.com/vedees/wcms/issues/7"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24137.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24137.md"
}
]
}

5
2020/24xxx/CVE-2020-24138.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/10",
"url": "https://github.com/vedees/wcms/issues/10"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24138.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24138.md"
}
]
}

5
2020/24xxx/CVE-2020-24139.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/8",
"url": "https://github.com/vedees/wcms/issues/8"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24139.md"
}
]
}

5
2020/24xxx/CVE-2020-24140.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://github.com/vedees/wcms/issues/11",
"url": "https://github.com/vedees/wcms/issues/11"
},
{
"refsource": "MISC",
"name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24140.md",
"url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24140.md"
}
]
}

50
2021/22xxx/CVE-2021-22505.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22505",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@microfocus.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Operations Agent",
"version": {
"version_data": [
{
"version_value": "12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15."
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Escalation of privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://softwaresupport.softwaregrp.com/doc/KM03792442",
"url": "https://softwaresupport.softwaregrp.com/doc/KM03792442"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Escalation of privileges vulnerability in Micro Focus Operations Agent, affects versions 12.0x, 12.10, 12.11, 12.12, 12.14 and 12.15. The vulnerability could be exploited to escalate privileges and execute code under the account of the Operations Agent."
}
]
}

156
2021/25xxx/CVE-2021-25250.json
View File

@ -1,76 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-25250",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One\r\n",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro OfficeScan",
"version" : {
"version_data" : [
{
"version_value" : "XG SP1"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Access Control"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000286019"
},
{
"url" : "https://success.trendmicro.com/solution/000286157"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-400/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-25250",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One\r\n",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro OfficeScan",
"version": {
"version_data": [
{
"version_value": "XG SP1"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a sensitive file could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000286019",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286019"
},
{
"url": "https://success.trendmicro.com/solution/000286157",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286157"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-400/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-400/"
}
]
}
}

156
2021/25xxx/CVE-2021-25253.json
View File

@ -1,76 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-25253",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One\r\n",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro OfficeScan",
"version" : {
"version_data" : [
{
"version_value" : "XG SP1"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Improper Access Control"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000286019"
},
{
"url" : "https://success.trendmicro.com/solution/000286157"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-401/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-25253",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One\r\n",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro OfficeScan",
"version": {
"version_data": [
{
"version_value": "XG SP1"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An improper access control vulnerability in Trend Micro Apex One, Trend Micro Apex One as a Service and OfficeScan XG SP1 on a resource used by the service could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Improper Access Control"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000286019",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286019"
},
{
"url": "https://success.trendmicro.com/solution/000286157",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286157"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-401/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-401/"
}
]
}
}

61
2021/28xxx/CVE-2021-28421.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-28421",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-28421",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "FluidSynth 2.1.7 contains a use after free vulnerability in sfloader/fluid_sffile.c that can result in arbitrary code execution or a denial of service (DoS) if a malicious soundfont2 file is loaded into a fluidsynth library."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/FluidSynth/fluidsynth/issues/808",
"refsource": "MISC",
"name": "https://github.com/FluidSynth/fluidsynth/issues/808"
},
{
"refsource": "MISC",
"name": "https://github.com/FluidSynth/fluidsynth/pull/810",
"url": "https://github.com/FluidSynth/fluidsynth/pull/810"
}
]
}

156
2021/28xxx/CVE-2021-28645.json
View File

@ -1,76 +1,82 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-28645",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One\r\n",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro OfficeScan",
"version" : {
"version_data" : [
{
"version_value" : "XG SP1"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations.\r\n\r\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Incorrect Permission Assignment"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000286019"
},
{
"url" : "https://success.trendmicro.com/solution/000286157"
},
{
"url" : "https://www.zerodayinitiative.com/advisories/ZDI-21-402/"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-28645",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One\r\n",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro OfficeScan",
"version": {
"version_data": [
{
"version_value": "XG SP1"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An incorrect permission assignment vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Incorrect Permission Assignment"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000286019",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286019"
},
{
"url": "https://success.trendmicro.com/solution/000286157",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286157"
},
{
"url": "https://www.zerodayinitiative.com/advisories/ZDI-21-402/",
"refsource": "MISC",
"name": "https://www.zerodayinitiative.com/advisories/ZDI-21-402/"
}
]
}
}

148
2021/28xxx/CVE-2021-28646.json
View File

@ -1,73 +1,77 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-28646",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Apex One\r\n",
"version" : {
"version_data" : [
{
"version_value" : "2019, SaaS"
}
]
}
},
{
"product_name" : "Trend Micro OfficeScan",
"version" : {
"version_data" : [
{
"version_value" : "XG SP1"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Insecure File Permissions"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://success.trendmicro.com/solution/000286019"
},
{
"url" : "https://success.trendmicro.com/solution/000286157"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-28646",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Apex One\r\n",
"version": {
"version_data": [
{
"version_value": "2019, SaaS"
}
]
}
},
{
"product_name": "Trend Micro OfficeScan",
"version": {
"version_data": [
{
"version_value": "XG SP1"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insecure file permissions vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a local attacker to take control of a specific log file on affected installations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Insecure File Permissions"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://success.trendmicro.com/solution/000286019",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286019"
},
{
"url": "https://success.trendmicro.com/solution/000286157",
"refsource": "MISC",
"name": "https://success.trendmicro.com/solution/000286157"
}
]
}
}

120
2021/28xxx/CVE-2021-28647.json
View File

@ -1,60 +1,62 @@
{
"CVE_data_meta" : {
"ASSIGNER" : "security@trendmicro.com",
"ID" : "CVE-2021-28647",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Trend Micro Password Manager\r\n",
"version" : {
"version_data" : [
{
"version_value" : "5"
}
]
}
}
]
},
"vendor_name" : "Trend Micro"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Trend Micro Password Manager version 5 (Consumer) is vulnerable to a DLL Hijacking vulnerability which could allow an attacker to inject a malicious DLL file during the installation progress and could execute a malicious program each time a user installs a program."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "DLL Hijacking"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://helpcenter.trendmicro.com/en-us/article/TMKA-10282"
}
]
}
}
"CVE_data_meta": {
"ASSIGNER": "security@trendmicro.com",
"ID": "CVE-2021-28647",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Trend Micro Password Manager\r\n",
"version": {
"version_data": [
{
"version_value": "5"
}
]
}
}
]
},
"vendor_name": "Trend Micro"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Trend Micro Password Manager version 5 (Consumer) is vulnerable to a DLL Hijacking vulnerability which could allow an attacker to inject a malicious DLL file during the installation progress and could execute a malicious program each time a user installs a program."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DLL Hijacking"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10282",
"refsource": "MISC",
"name": "https://helpcenter.trendmicro.com/en-us/article/TMKA-10282"
}
]
}
}

5
2021/29xxx/CVE-2021-29357.json
View File

@ -56,6 +56,11 @@
"url": "https://success.outsystems.com/Support/Security/Vulnerabilities/Vulnerability_RTAF-2226",
"refsource": "MISC",
"name": "https://success.outsystems.com/Support/Security/Vulnerabilities/Vulnerability_RTAF-2226"
},
{
"refsource": "MISC",
"name": "https://labs.integrity.pt/advisories/cve-2021-29357/",
"url": "https://labs.integrity.pt/advisories/cve-2021-29357/"
}
]
}

61
2021/30xxx/CVE-2021-30175.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-30175",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-30175",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ZEROF Web Server 1.0 (April 2021) allows SQL Injection via the /HandleEvent endpoint for the login page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://pro.zerof.ru",
"refsource": "MISC",
"name": "https://pro.zerof.ru"
},
{
"refsource": "MISC",
"name": "https://github.com/awillix/research/blob/main/cve/CVE-2021-30175.md",
"url": "https://github.com/awillix/research/blob/main/cve/CVE-2021-30175.md"
}
]
}

61
2021/30xxx/CVE-2021-30176.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-30176",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-30176",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ZEROF Expert pro/2.0 application for mobile devices allows SQL Injection via the Authorization header to the /v2/devices/add endpoint."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://pro.zerof.ru",
"refsource": "MISC",
"name": "https://pro.zerof.ru"
},
{
"refsource": "MISC",
"name": "https://github.com/awillix/research/blob/main/cve/CVE-2021-30176.md",
"url": "https://github.com/awillix/research/blob/main/cve/CVE-2021-30176.md"
}
]
}