admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-07-20 18:00:46 +00:00
parent eddc259f71
commit 3ae7dd6412
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
7 changed files with 420 additions and 340 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

204
2021/29xxx/CVE-2021-29755.json
View File

@ -1,105 +1,105 @@
{
"CVE_data_meta" : {
"ID" : "CVE-2021-29755",
"DATE_PUBLIC" : "2022-07-19T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6605431",
"title" : "IBM Security Bulletin 6605431 (QRadar SIEM)",
"url" : "https://www.ibm.com/support/pages/node/6605431",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-qradar-cve202129755-info-disc (202015)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/202015"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"ID": "CVE-2021-29755",
"DATE_PUBLIC": "2022-07-19T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "QRadar SIEM",
"version" : {
"version_data" : [
{
"version_value" : "7.3.0"
},
{
"version_value" : "7.4.0"
},
{
"version_value" : "7.5.0"
},
{
"version_value" : "7.3.3.FixPack11"
},
{
"version_value" : "7.4.3.FixPack5"
},
{
"version_value" : "7.5.0.UpdatePack1"
}
]
}
}
]
}
"name": "https://www.ibm.com/support/pages/node/6605431",
"title": "IBM Security Bulletin 6605431 (QRadar SIEM)",
"url": "https://www.ibm.com/support/pages/node/6605431",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-qradar-cve202129755-info-disc (202015)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/202015"
}
]
}
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"UI" : "N",
"AV" : "N",
"I" : "N",
"C" : "H",
"S" : "U",
"SCORE" : "5.900",
"PR" : "N",
"A" : "N",
"AC" : "H"
}
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015."
}
]
}
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "QRadar SIEM",
"version": {
"version_data": [
{
"version_value": "7.3.0"
},
{
"version_value": "7.4.0"
},
{
"version_value": "7.5.0"
},
{
"version_value": "7.3.3.FixPack11"
},
{
"version_value": "7.4.3.FixPack5"
},
{
"version_value": "7.5.0.UpdatePack1"
}
]
}
}
]
}
}
]
}
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"UI": "N",
"AV": "N",
"I": "N",
"C": "H",
"S": "U",
"SCORE": "5.900",
"PR": "N",
"A": "N",
"AC": "H"
}
}
},
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015."
}
]
}
}

204
2021/38xxx/CVE-2021-38936.json
View File

@ -1,105 +1,105 @@
{
"data_format" : "MITRE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-07-19T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-38936"
},
"description" : {
"description_data" : [
{
"value" : "IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"I" : "N",
"C" : "H",
"UI" : "N",
"S" : "U",
"SCORE" : "4.900",
"PR" : "H",
"AC" : "L",
"A" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_format": "MITRE",
"CVE_data_meta": {
"DATE_PUBLIC": "2022-07-19T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-38936"
},
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.3.0"
},
{
"version_value" : "7.4.0"
},
{
"version_value" : "7.5.0"
},
{
"version_value" : "7.3.3.FixPack11"
},
{
"version_value" : "7.4.3.FixPack5"
},
{
"version_value" : "7.5.0.UpdatePack1"
}
]
},
"product_name" : "QRadar SIEM"
}
]
},
"vendor_name" : "IBM"
"value": "IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893.",
"lang": "eng"
}
]
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6605429",
"title" : "IBM Security Bulletin 6605429 (QRadar SIEM)",
"name" : "https://www.ibm.com/support/pages/node/6605429"
},
{
"name" : "ibm-qradar-cve202138936-info-disc (210893)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/210893",
"refsource" : "XF"
}
]
}
}
]
},
"data_version": "4.0",
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"I": "N",
"C": "H",
"UI": "N",
"S": "U",
"SCORE": "4.900",
"PR": "H",
"AC": "L",
"A": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.3.0"
},
{
"version_value": "7.4.0"
},
{
"version_value": "7.5.0"
},
{
"version_value": "7.3.3.FixPack11"
},
{
"version_value": "7.4.3.FixPack5"
},
{
"version_value": "7.5.0.UpdatePack1"
}
]
},
"product_name": "QRadar SIEM"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6605429",
"title": "IBM Security Bulletin 6605429 (QRadar SIEM)",
"name": "https://www.ibm.com/support/pages/node/6605429"
},
{
"name": "ibm-qradar-cve202138936-info-disc (210893)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/210893",
"refsource": "XF"
}
]
}
}

204
2022/22xxx/CVE-2022-22424.json
View File

@ -1,105 +1,105 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "QRadar SIEM",
"version" : {
"version_data" : [
{
"version_value" : "7.3.0"
},
{
"version_value" : "7.4.0"
},
{
"version_value" : "7.5.0"
},
{
"version_value" : "7.3.3.FixPack11"
},
{
"version_value" : "7.4.3.FixPack5"
},
{
"version_value" : "7.5.0.UpdatePack1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6605433",
"title" : "IBM Security Bulletin 6605433 (QRadar SIEM)",
"name" : "https://www.ibm.com/support/pages/node/6605433"
},
{
"name" : "ibm-qradar-cve202222424-info-disc (223597)",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/223597",
"refsource" : "XF"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597."
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"UI" : "N",
"AV" : "L",
"I" : "N",
"C" : "H",
"S" : "U",
"SCORE" : "5.100",
"PR" : "N",
"A" : "N",
"AC" : "H"
}
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-07-19T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2022-22424"
},
"data_format" : "MITRE"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "QRadar SIEM",
"version": {
"version_data": [
{
"version_value": "7.3.0"
},
{
"version_value": "7.4.0"
},
{
"version_value": "7.5.0"
},
{
"version_value": "7.3.3.FixPack11"
},
{
"version_value": "7.4.3.FixPack5"
},
{
"version_value": "7.5.0.UpdatePack1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6605433",
"title": "IBM Security Bulletin 6605433 (QRadar SIEM)",
"name": "https://www.ibm.com/support/pages/node/6605433"
},
{
"name": "ibm-qradar-cve202222424-info-disc (223597)",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223597",
"refsource": "XF"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597."
}
]
},
"data_version": "4.0",
"data_type": "CVE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"UI": "N",
"AV": "L",
"I": "N",
"C": "H",
"S": "U",
"SCORE": "5.100",
"PR": "N",
"A": "N",
"AC": "H"
}
}
},
"CVE_data_meta": {
"DATE_PUBLIC": "2022-07-19T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2022-22424"
},
"data_format": "MITRE"
}

40
2022/26xxx/CVE-2022-26136.json
View File

@ -132,7 +132,7 @@
"version_value": "7.7.0",
"version_affected": ">="
},
{
{
"version_value": "7.16.0",
"version_affected": ">="
},
@ -442,7 +442,7 @@
"version_value": "4.13.22",
"version_affected": "<"
},
{
{
"version_value": "4.14.0",
"version_affected": ">="
},
@ -469,7 +469,7 @@
"version_value": "4.13.22",
"version_affected": "<"
},
{
{
"version_value": "4.14.0",
"version_affected": ">="
},
@ -521,29 +521,45 @@
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/BAM-21795"
"url": "https://jira.atlassian.com/browse/BAM-21795",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/BAM-21795"
},
{
"url": "https://jira.atlassian.com/browse/BSERV-13370"
"url": "https://jira.atlassian.com/browse/BSERV-13370",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/BSERV-13370"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-79476"
"url": "https://jira.atlassian.com/browse/CONFSERVER-79476",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CONFSERVER-79476"
},
{
"url": "https://jira.atlassian.com/browse/CWD-5815"
"url": "https://jira.atlassian.com/browse/CWD-5815",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CWD-5815"
},
{
"url": "https://jira.atlassian.com/browse/FE-7410"
"url": "https://jira.atlassian.com/browse/FE-7410",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/FE-7410"
},
{
"url": "https://jira.atlassian.com/browse/CRUC-8541"
"url": "https://jira.atlassian.com/browse/CRUC-8541",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CRUC-8541"
},
{
"url": "https://jira.atlassian.com/browse/JRASERVER-73897"
"url": "https://jira.atlassian.com/browse/JRASERVER-73897",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-73897"
},
{
"url": "https://jira.atlassian.com/browse/JSDSERVER-11863"
"url": "https://jira.atlassian.com/browse/JSDSERVER-11863",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JSDSERVER-11863"
}
]
}
}
}

42
2022/26xxx/CVE-2022-26137.json
View File

@ -132,7 +132,7 @@
"version_value": "7.7.0",
"version_affected": ">="
},
{
{
"version_value": "7.16.0",
"version_affected": ">="
},
@ -442,7 +442,7 @@
"version_value": "4.13.22",
"version_affected": "<"
},
{
{
"version_value": "4.14.0",
"version_affected": ">="
},
@ -469,7 +469,7 @@
"version_value": "4.13.22",
"version_affected": "<"
},
{
{
"version_value": "4.14.0",
"version_affected": ">="
},
@ -502,7 +502,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this vulnerability: Cross-origin resource sharing (CORS) bypass. Sending a specially crafted HTTP request can invoke the Servlet Filter used to respond to CORS requests, resulting in a CORS bypass. An attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victims permissions. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4."
"value": "A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this vulnerability: Cross-origin resource sharing (CORS) bypass. Sending a specially crafted HTTP request can invoke the Servlet Filter used to respond to CORS requests, resulting in a CORS bypass. An attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victim\u2019s permissions. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4."
}
]
},
@ -521,29 +521,45 @@
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/BAM-21795"
"url": "https://jira.atlassian.com/browse/BAM-21795",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/BAM-21795"
},
{
"url": "https://jira.atlassian.com/browse/BSERV-13370"
"url": "https://jira.atlassian.com/browse/BSERV-13370",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/BSERV-13370"
},
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-79476"
"url": "https://jira.atlassian.com/browse/CONFSERVER-79476",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CONFSERVER-79476"
},
{
"url": "https://jira.atlassian.com/browse/CWD-5815"
"url": "https://jira.atlassian.com/browse/CWD-5815",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CWD-5815"
},
{
"url": "https://jira.atlassian.com/browse/FE-7410"
"url": "https://jira.atlassian.com/browse/FE-7410",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/FE-7410"
},
{
"url": "https://jira.atlassian.com/browse/CRUC-8541"
"url": "https://jira.atlassian.com/browse/CRUC-8541",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CRUC-8541"
},
{
"url": "https://jira.atlassian.com/browse/JRASERVER-73897"
"url": "https://jira.atlassian.com/browse/JRASERVER-73897",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JRASERVER-73897"
},
{
"url": "https://jira.atlassian.com/browse/JSDSERVER-11863"
"url": "https://jira.atlassian.com/browse/JSDSERVER-11863",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/JSDSERVER-11863"
}
]
}
}
}

10
2022/26xxx/CVE-2022-26138.json
View File

@ -63,11 +63,15 @@
"references": {
"reference_data": [
{
"url": "https://jira.atlassian.com/browse/CONFSERVER-79483"
"url": "https://jira.atlassian.com/browse/CONFSERVER-79483",
"refsource": "MISC",
"name": "https://jira.atlassian.com/browse/CONFSERVER-79483"
},
{
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html"
"url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html",
"refsource": "MISC",
"name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html"
}
]
}
}
}

56
2022/35xxx/CVE-2022-35569.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-35569",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-35569",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Blogifier v3.0 was discovered to contain an arbitrary file upload vulnerability at /api/storage/upload/PostImage. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted file."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/blogifierdotnet/Blogifier/issues/316",
"refsource": "MISC",
"name": "https://github.com/blogifierdotnet/Blogifier/issues/316"
}
]
}