admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#6317

Browse Source 
Auto-merge PR#6317
This commit is contained in:
CVE Team 2022-06-30 12:50:45 -04:00 committed by GitHub
commit 2d96b2de36
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 369 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
2021/38xxx/CVE-2021-38941.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38941",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6599639",
"title" : "IBM Security Bulletin 6599639 (Cloud Pak for Multicloud Management Monitoring)",
"url" : "https://www.ibm.com/support/pages/node/6599639"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/211048",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-cpmm-cve202138941-priv-escalation (211048)",
"refsource" : "XF"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2021-38941",
"DATE_PUBLIC" : "2022-06-29T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Cloud Pak for Multicloud Management Monitoring",
"version" : {
"version_data" : [
{
"version_value" : "2.0"
},
{
"version_value" : "2.3.FixPack4"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"PR" : "L",
"AV" : "N",
"S" : "U",
"C" : "N",
"AC" : "H",
"A" : "N",
"UI" : "N",
"I" : "H",
"SCORE" : "5.300"
}
}
},
"description" : {
"description_data" : [
{
"value" : "IBM CloudPak for Multicloud Monitoring 2.0 and 2.3 has a few containers running in privileged mode which is vulnerable to host information leakage or destruction if unauthorized access to these containers could execute arbitrary commands. IBM X-Force ID: 211048.",
"lang" : "eng"
}
]
},
"data_format" : "MITRE"
}

111
2021/38xxx/CVE-2021-38954.json
View File

@ -1,18 +1,99 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38954",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Sterling B2B Integrator",
"version" : {
"version_data" : [
{
"version_value" : "6.0.0.0"
},
{
"version_value" : "6.1.0.0"
},
{
"version_value" : "6.1.1.0"
},
{
"version_value" : "6.0.3.5"
}
]
}
}
]
}
}
]
}
}
]
}
},
"CVE_data_meta" : {
"ID" : "CVE-2021-38954",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2022-06-29T00:00:00"
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5 and 6.1.0.0 through 6.1.1.0 could disclose sensitive version information that could aid in future attacks against the system. IBM X-Force ID: 211414.",
"lang" : "eng"
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"A" : "N",
"UI" : "N",
"SCORE" : "4.300",
"I" : "N",
"PR" : "L",
"AV" : "N",
"S" : "U",
"AC" : "L",
"C" : "L"
}
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6599607",
"name" : "https://www.ibm.com/support/pages/node/6599607",
"title" : "IBM Security Bulletin 6599607 (Sterling B2B Integrator)"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/211414",
"name" : "ibm-sterling-cve202138954-info-disc (211414)",
"refsource" : "XF"
}
]
}
}

108
2022/22xxx/CVE-2022-22472.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-22472",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-06-29T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2022-22472"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Plus",
"version" : {
"version_data" : [
{
"version_value" : "10.1.5"
},
{
"version_value" : "10.1.7"
},
{
"version_value" : "10.1.10.2"
}
]
}
}
]
}
}
]
}
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"I" : "L",
"SCORE" : "6.000",
"UI" : "N",
"A" : "L",
"C" : "L",
"AC" : "H",
"S" : "C",
"AV" : "N",
"PR" : "L"
}
}
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Spectrum Protect Plus Container Backup and Restore (10.1.5 through 10.1.10.2 for Kubernetes and 10.1.7 through 10.1.10.2 for Red Hat OpenShift) could allow a remote attacker to bypass IBM Spectrum Protect Plus role based access control restrictions, caused by improper disclosure of session information. By retrieving the logs of a container an attacker could exploit this vulnerability to bypass login security of the IBM Spectrum Protect Plus server and gain unauthorized access based on the permissions of the IBM Spectrum Protect Plus user to the vulnerable Spectrum Protect Plus server software. IBM X-Force ID: 225340."
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6596907",
"title" : "IBM Security Bulletin 6596907 (Spectrum Protect Plus)",
"url" : "https://www.ibm.com/support/pages/node/6596907"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/225340",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-spectrum-cve202222472-priv-escalation (225340)",
"refsource" : "XF"
}
]
}
}

105
2022/22xxx/CVE-2022-22494.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-22494",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6596883 (Spectrum Protect Operations Center)",
"name" : "https://www.ibm.com/support/pages/node/6596883",
"url" : "https://www.ibm.com/support/pages/node/6596883",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"name" : "ibm-spectrum-cve202222494-info-disc (226940)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/226940",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14 could allow a remote attacker to gain details of the database, such as type and version, by sending a specially-crafted HTTP request. This information could then be used in future attacks. IBM X-Force ID: 226940.",
"lang" : "eng"
}
]
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"PR" : "N",
"AV" : "N",
"S" : "U",
"AC" : "H",
"C" : "L",
"A" : "N",
"UI" : "N",
"SCORE" : "3.700",
"I" : "N"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "8.1.0.000"
},
{
"version_value" : "8.1.14"
}
]
},
"product_name" : "Spectrum Protect Operations Center"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-06-29T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2022-22494"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_version" : "4.0"
}