Auto-merge PR#2020

Auto-merge PR#2020
This commit is contained in:
CVE Team 2021-06-16 12:15:31 -04:00 committed by GitHub
commit 37adf74a16
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 438 additions and 75 deletions

View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20483",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM Security Identity Manager 6.0.2 is vulnerable to server-side request forgery (SSRF). By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 197591.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Manager",
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
}
]
}
}
]
}
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"S" : "U",
"A" : "N",
"I" : "L",
"C" : "N",
"AV" : "N",
"PR" : "N",
"SCORE" : "5.300",
"UI" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6464081",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6464081 (Security Identity Manager)",
"name" : "https://www.ibm.com/support/pages/node/6464081"
},
{
"name" : "ibm-sim-cve202120483-ssrf (197591)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197591"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-06-15T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-20483"
}
}

View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20488",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"CVE_data_meta" : {
"ID" : "CVE-2021-20488",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2021-06-15T00:00:00"
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6464081",
"url" : "https://www.ibm.com/support/pages/node/6464081",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6464081 (Security Identity Manager)"
},
{
"name" : "ibm-sim-cve202120488-gain-access (197789)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197789",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Security Identity Manager",
"version" : {
"version_data" : [
{
"version_value" : "6.0.2"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"AV" : "N",
"C" : "H",
"PR" : "L",
"SCORE" : "7.500",
"UI" : "N",
"A" : "H",
"S" : "U",
"AC" : "H",
"I" : "H"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Identity Manager 6.0.2 could allow an authenticated malicious user to change the passowrds of other users in the Windows AD enviornemnt when IBM Security Identity Manager Windows Password Synch Plug-in is deployed and configured. IBM X-Force ID: 197789."
}
]
}
}

View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20566",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Resilient SOAR V38.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 199238."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Resilient SOAR",
"version" : {
"version_data" : [
{
"version_value" : "38"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"A" : "N",
"S" : "U",
"AC" : "H",
"I" : "N",
"SCORE" : "5.900",
"PR" : "N",
"UI" : "N",
"AV" : "N",
"C" : "H"
}
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6464043 (Resilient OnPrem)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6464043",
"name" : "https://www.ibm.com/support/pages/node/6464043"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/199238",
"name" : "ibm-resilient-cve202120566-info-disc (199238)"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2021-20566",
"DATE_PUBLIC" : "2021-06-15T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_format" : "MITRE"
}

View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20567",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_version" : "4.0",
"data_type" : "CVE",
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"SCORE" : "4.400",
"PR" : "H",
"UI" : "N",
"AV" : "L",
"C" : "H",
"A" : "N",
"S" : "U",
"AC" : "L",
"I" : "N"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "38"
}
]
},
"product_name" : "Resilient SOAR"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6464039 (Resilient OnPrem)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6464039",
"name" : "https://www.ibm.com/support/pages/node/6464039"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/199239",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-resilient-cve202120567-info-disc (199239)"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Resilient SOAR V38.0 could allow a local privileged attacker to obtain sensitive information due to improper or nonexisting encryption.IBM X-Force ID: 199239."
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2021-06-15T00:00:00",
"ID" : "CVE-2021-20567"
}
}

View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29702",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"CVE_data_meta" : {
"ID" : "CVE-2021-29702",
"DATE_PUBLIC" : "2021-06-15T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1.4 and 11.5.5 is vulnerable to a denial of service as the server terminates abnormally when executing a specially crafted SELECT statement. IBM X-Force ID: 200658."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "11.1.4"
},
{
"version_value" : "11.5.5"
}
]
},
"product_name" : "DB2 for Linux- UNIX and Windows"
}
]
}
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"C" : "N",
"PR" : "N",
"SCORE" : "7.500",
"UI" : "N",
"S" : "U",
"A" : "H",
"AC" : "L",
"I" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6463985",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6463985 (DB2 for Linux- UNIX and Windows)",
"name" : "https://www.ibm.com/support/pages/node/6463985"
},
{
"name" : "ibm-db2-cve202129702-dos (200658)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/200658",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0"
}