admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-06-17 16:01:48 +00:00
parent 2fc6c6a040
commit 2dc03fe605
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 288 additions and 200 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
2022/22xxx/CVE-2022-22485.json
View File

@ -1,93 +1,93 @@
{
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-06-16T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2022-22485",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "8.1.0.000"
},
{
"version_value" : "8.1.14.000"
}
]
},
"product_name" : "Spectrum Protect Server"
}
]
}
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
}
},
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "H",
"S" : "U",
"UI" : "N",
"AV" : "N",
"A" : "N",
"I" : "N",
"C" : "H",
"SCORE" : "5.900",
"PR" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6595655 (Spectrum Protect Server)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6595655",
"name" : "https://www.ibm.com/support/pages/node/6595655"
},
{
"name" : "ibm-spectrum-cve202222485-info-disc (226325)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/226325",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
}
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2022-06-16T00:00:00",
"STATE": "PUBLIC",
"ID": "CVE-2022-22485",
"ASSIGNER": "psirt@us.ibm.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "8.1.0.000"
},
{
"version_value": "8.1.14.000"
}
]
},
"product_name": "Spectrum Protect Server"
}
]
}
}
]
}
},
"data_type": "CVE",
"description": {
"description_data": [
{
"value": "In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325.",
"lang": "eng"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AC": "H",
"S": "U",
"UI": "N",
"AV": "N",
"A": "N",
"I": "N",
"C": "H",
"SCORE": "5.900",
"PR": "N"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6595655 (Spectrum Protect Server)",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6595655",
"name": "https://www.ibm.com/support/pages/node/6595655"
},
{
"name": "ibm-spectrum-cve202222485-info-disc (226325)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/226325",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
}
}

196
2022/30xxx/CVE-2022-30607.json
View File

@ -1,102 +1,102 @@
{
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information properly masked in the control center UI. IBM X-Force ID: 227294.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"PR" : "H",
"SCORE" : "2.700",
"C" : "L",
"AV" : "N",
"I" : "N",
"A" : "N",
"S" : "U",
"UI" : "N",
"AC" : "L"
}
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6595759 (Robotic Process Automation)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6595759",
"url" : "https://www.ibm.com/support/pages/node/6595759"
},
{
"name" : "ibm-rpa-cve202230607-info-disc (227294)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/227294",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2022-06-16T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2022-30607"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Robotic Process Automation",
"version" : {
"version_data" : [
{
"version_value" : "21.0.0"
},
{
"version_value" : "21.0.1"
},
{
"version_value" : "21.0.2"
},
{
"version_value" : "20.10.0"
},
{
"version_value" : "20.12.5"
}
]
}
}
]
},
"vendor_name" : "IBM"
"value": "IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information properly masked in the control center UI. IBM X-Force ID: 227294.",
"lang": "eng"
}
]
}
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"PR": "H",
"SCORE": "2.700",
"C": "L",
"AV": "N",
"I": "N",
"A": "N",
"S": "U",
"UI": "N",
"AC": "L"
}
}
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6595759 (Robotic Process Automation)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6595759",
"url": "https://www.ibm.com/support/pages/node/6595759"
},
{
"name": "ibm-rpa-cve202230607-info-disc (227294)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/227294",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"data_format": "MITRE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2022-06-16T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2022-30607"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Robotic Process Automation",
"version": {
"version_data": [
{
"version_value": "21.0.0"
},
{
"version_value": "21.0.1"
},
{
"version_value": "21.0.2"
},
{
"version_value": "20.10.0"
},
{
"version_value": "20.12.5"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
}
}
}
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
}

56
2022/32xxx/CVE-2022-32442.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32442",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32442",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "u5cms version 8.3.5 is vulnerable to Cross Site Scripting (XSS). When a user accesses the default home page if the parameter passed in is http://127.0.0.1/? \"Onmouseover=%27tzgl (96502)%27bad=\", it can cause html injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/u5cms/u5cms/issues/49",
"refsource": "MISC",
"name": "https://github.com/u5cms/u5cms/issues/49"
}
]
}

56
2022/32xxx/CVE-2022-32444.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-32444",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-32444",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in u5cms verion 8.3.5 There is a URL redirection vulnerability that can cause a user's browser to be redirected to another site via /loginsave.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/u5cms/u5cms/issues/50",
"refsource": "MISC",
"name": "https://github.com/u5cms/u5cms/issues/50"
}
]
}