From 3ae7dd64126ce1c0c102e52995af84ecbbed0216 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 20 Jul 2022 18:00:46 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/29xxx/CVE-2021-29755.json | 204 ++++++++++++++++----------------- 2021/38xxx/CVE-2021-38936.json | 204 ++++++++++++++++----------------- 2022/22xxx/CVE-2022-22424.json | 204 ++++++++++++++++----------------- 2022/26xxx/CVE-2022-26136.json | 40 +++++-- 2022/26xxx/CVE-2022-26137.json | 42 ++++--- 2022/26xxx/CVE-2022-26138.json | 10 +- 2022/35xxx/CVE-2022-35569.json | 56 ++++++++- 7 files changed, 420 insertions(+), 340 deletions(-) diff --git a/2021/29xxx/CVE-2021-29755.json b/2021/29xxx/CVE-2021-29755.json index 84640fee0ed..1fa062c34dd 100644 --- a/2021/29xxx/CVE-2021-29755.json +++ b/2021/29xxx/CVE-2021-29755.json @@ -1,105 +1,105 @@ { - "CVE_data_meta" : { - "ID" : "CVE-2021-29755", - "DATE_PUBLIC" : "2022-07-19T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC" - }, - "data_format" : "MITRE", - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6605431", - "title" : "IBM Security Bulletin 6605431 (QRadar SIEM)", - "url" : "https://www.ibm.com/support/pages/node/6605431", - "refsource" : "CONFIRM" - }, - { - "title" : "X-Force Vulnerability Report", - "name" : "ibm-qradar-cve202129755-info-disc (202015)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/202015" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "CVE_data_meta": { + "ID": "CVE-2021-29755", + "DATE_PUBLIC": "2022-07-19T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + }, + "data_format": "MITRE", + "references": { + "reference_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "QRadar SIEM", - "version" : { - "version_data" : [ - { - "version_value" : "7.3.0" - }, - { - "version_value" : "7.4.0" - }, - { - "version_value" : "7.5.0" - }, - { - "version_value" : "7.3.3.FixPack11" - }, - { - "version_value" : "7.4.3.FixPack5" - }, - { - "version_value" : "7.5.0.UpdatePack1" - } - ] - } - } - ] - } + "name": "https://www.ibm.com/support/pages/node/6605431", + "title": "IBM Security Bulletin 6605431 (QRadar SIEM)", + "url": "https://www.ibm.com/support/pages/node/6605431", + "refsource": "CONFIRM" + }, + { + "title": "X-Force Vulnerability Report", + "name": "ibm-qradar-cve202129755-info-disc (202015)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/202015" } - ] - } - }, - "data_type" : "CVE", - "impact" : { - "cvssv3" : { - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - }, - "BM" : { - "UI" : "N", - "AV" : "N", - "I" : "N", - "C" : "H", - "S" : "U", - "SCORE" : "5.900", - "PR" : "N", - "A" : "N", - "AC" : "H" - } - } - }, - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015." - } - ] - } -} + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "QRadar SIEM", + "version": { + "version_data": [ + { + "version_value": "7.3.0" + }, + { + "version_value": "7.4.0" + }, + { + "version_value": "7.5.0" + }, + { + "version_value": "7.3.3.FixPack11" + }, + { + "version_value": "7.4.3.FixPack5" + }, + { + "version_value": "7.5.0.UpdatePack1" + } + ] + } + } + ] + } + } + ] + } + }, + "data_type": "CVE", + "impact": { + "cvssv3": { + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + }, + "BM": { + "UI": "N", + "AV": "N", + "I": "N", + "C": "H", + "S": "U", + "SCORE": "5.900", + "PR": "N", + "A": "N", + "AC": "H" + } + } + }, + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM QRadar SIEM 7.3, 7.4, and 7.5 does not preform proper certificate validation for some inter-host communications. IBM X-Force ID: 202015." + } + ] + } +} \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38936.json b/2021/38xxx/CVE-2021-38936.json index 5705ed48099..c9039a95ff7 100644 --- a/2021/38xxx/CVE-2021-38936.json +++ b/2021/38xxx/CVE-2021-38936.json @@ -1,105 +1,105 @@ { - "data_format" : "MITRE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2022-07-19T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-38936" - }, - "description" : { - "description_data" : [ - { - "value" : "IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893.", - "lang" : "eng" - } - ] - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "BM" : { - "AV" : "N", - "I" : "N", - "C" : "H", - "UI" : "N", - "S" : "U", - "SCORE" : "4.900", - "PR" : "H", - "AC" : "L", - "A" : "N" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_format": "MITRE", + "CVE_data_meta": { + "DATE_PUBLIC": "2022-07-19T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2021-38936" + }, + "description": { + "description_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "7.3.0" - }, - { - "version_value" : "7.4.0" - }, - { - "version_value" : "7.5.0" - }, - { - "version_value" : "7.3.3.FixPack11" - }, - { - "version_value" : "7.4.3.FixPack5" - }, - { - "version_value" : "7.5.0.UpdatePack1" - } - ] - }, - "product_name" : "QRadar SIEM" - } - ] - }, - "vendor_name" : "IBM" + "value": "IBM QRadar SIEM 7.3, 7.4, and 7.5 could disclose highly sensitive information to a privileged user. IBM X-Force ID: 210893.", + "lang": "eng" } - ] - } - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6605429", - "title" : "IBM Security Bulletin 6605429 (QRadar SIEM)", - "name" : "https://www.ibm.com/support/pages/node/6605429" - }, - { - "name" : "ibm-qradar-cve202138936-info-disc (210893)", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/210893", - "refsource" : "XF" - } - ] - } -} + ] + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "BM": { + "AV": "N", + "I": "N", + "C": "H", + "UI": "N", + "S": "U", + "SCORE": "4.900", + "PR": "H", + "AC": "L", + "A": "N" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "7.3.0" + }, + { + "version_value": "7.4.0" + }, + { + "version_value": "7.5.0" + }, + { + "version_value": "7.3.3.FixPack11" + }, + { + "version_value": "7.4.3.FixPack5" + }, + { + "version_value": "7.5.0.UpdatePack1" + } + ] + }, + "product_name": "QRadar SIEM" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6605429", + "title": "IBM Security Bulletin 6605429 (QRadar SIEM)", + "name": "https://www.ibm.com/support/pages/node/6605429" + }, + { + "name": "ibm-qradar-cve202138936-info-disc (210893)", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/210893", + "refsource": "XF" + } + ] + } +} \ No newline at end of file diff --git a/2022/22xxx/CVE-2022-22424.json b/2022/22xxx/CVE-2022-22424.json index 4c01aa56408..cd62e48a0f6 100644 --- a/2022/22xxx/CVE-2022-22424.json +++ b/2022/22xxx/CVE-2022-22424.json @@ -1,105 +1,105 @@ { - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "QRadar SIEM", - "version" : { - "version_data" : [ - { - "version_value" : "7.3.0" - }, - { - "version_value" : "7.4.0" - }, - { - "version_value" : "7.5.0" - }, - { - "version_value" : "7.3.3.FixPack11" - }, - { - "version_value" : "7.4.3.FixPack5" - }, - { - "version_value" : "7.5.0.UpdatePack1" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] } - ] - } - }, - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6605433", - "title" : "IBM Security Bulletin 6605433 (QRadar SIEM)", - "name" : "https://www.ibm.com/support/pages/node/6605433" - }, - { - "name" : "ibm-qradar-cve202222424-info-disc (223597)", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/223597", - "refsource" : "XF" - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597." - } - ] - }, - "data_version" : "4.0", - "data_type" : "CVE", - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - }, - "BM" : { - "UI" : "N", - "AV" : "L", - "I" : "N", - "C" : "H", - "S" : "U", - "SCORE" : "5.100", - "PR" : "N", - "A" : "N", - "AC" : "H" - } - } - }, - "CVE_data_meta" : { - "DATE_PUBLIC" : "2022-07-19T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "ID" : "CVE-2022-22424" - }, - "data_format" : "MITRE" -} + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "QRadar SIEM", + "version": { + "version_data": [ + { + "version_value": "7.3.0" + }, + { + "version_value": "7.4.0" + }, + { + "version_value": "7.5.0" + }, + { + "version_value": "7.3.3.FixPack11" + }, + { + "version_value": "7.4.3.FixPack5" + }, + { + "version_value": "7.5.0.UpdatePack1" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6605433", + "title": "IBM Security Bulletin 6605433 (QRadar SIEM)", + "name": "https://www.ibm.com/support/pages/node/6605433" + }, + { + "name": "ibm-qradar-cve202222424-info-disc (223597)", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/223597", + "refsource": "XF" + } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM QRadar SIEM 7.3, 7.4, and 7.5 could allow a local user to obtain sensitive information from the TLS key file due to incorrect file permissions. IBM X-Force ID: 223597." + } + ] + }, + "data_version": "4.0", + "data_type": "CVE", + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "RC": "C", + "E": "U" + }, + "BM": { + "UI": "N", + "AV": "L", + "I": "N", + "C": "H", + "S": "U", + "SCORE": "5.100", + "PR": "N", + "A": "N", + "AC": "H" + } + } + }, + "CVE_data_meta": { + "DATE_PUBLIC": "2022-07-19T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "ID": "CVE-2022-22424" + }, + "data_format": "MITRE" +} \ No newline at end of file diff --git a/2022/26xxx/CVE-2022-26136.json b/2022/26xxx/CVE-2022-26136.json index 7595e3791d4..4fc4c27681c 100644 --- a/2022/26xxx/CVE-2022-26136.json +++ b/2022/26xxx/CVE-2022-26136.json @@ -132,7 +132,7 @@ "version_value": "7.7.0", "version_affected": ">=" }, - { + { "version_value": "7.16.0", "version_affected": ">=" }, @@ -442,7 +442,7 @@ "version_value": "4.13.22", "version_affected": "<" }, - { + { "version_value": "4.14.0", "version_affected": ">=" }, @@ -469,7 +469,7 @@ "version_value": "4.13.22", "version_affected": "<" }, - { + { "version_value": "4.14.0", "version_affected": ">=" }, @@ -521,29 +521,45 @@ "references": { "reference_data": [ { - "url": "https://jira.atlassian.com/browse/BAM-21795" + "url": "https://jira.atlassian.com/browse/BAM-21795", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/BAM-21795" }, { - "url": "https://jira.atlassian.com/browse/BSERV-13370" + "url": "https://jira.atlassian.com/browse/BSERV-13370", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/BSERV-13370" }, { - "url": "https://jira.atlassian.com/browse/CONFSERVER-79476" + "url": "https://jira.atlassian.com/browse/CONFSERVER-79476", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/CONFSERVER-79476" }, { - "url": "https://jira.atlassian.com/browse/CWD-5815" + "url": "https://jira.atlassian.com/browse/CWD-5815", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/CWD-5815" }, { - "url": "https://jira.atlassian.com/browse/FE-7410" + "url": "https://jira.atlassian.com/browse/FE-7410", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/FE-7410" }, { - "url": "https://jira.atlassian.com/browse/CRUC-8541" + "url": "https://jira.atlassian.com/browse/CRUC-8541", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/CRUC-8541" }, { - "url": "https://jira.atlassian.com/browse/JRASERVER-73897" + "url": "https://jira.atlassian.com/browse/JRASERVER-73897", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/JRASERVER-73897" }, { - "url": "https://jira.atlassian.com/browse/JSDSERVER-11863" + "url": "https://jira.atlassian.com/browse/JSDSERVER-11863", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/JSDSERVER-11863" } ] } -} +} \ No newline at end of file diff --git a/2022/26xxx/CVE-2022-26137.json b/2022/26xxx/CVE-2022-26137.json index 4f094f3e390..6b2265f2e92 100644 --- a/2022/26xxx/CVE-2022-26137.json +++ b/2022/26xxx/CVE-2022-26137.json @@ -132,7 +132,7 @@ "version_value": "7.7.0", "version_affected": ">=" }, - { + { "version_value": "7.16.0", "version_affected": ">=" }, @@ -442,7 +442,7 @@ "version_value": "4.13.22", "version_affected": "<" }, - { + { "version_value": "4.14.0", "version_affected": ">=" }, @@ -469,7 +469,7 @@ "version_value": "4.13.22", "version_affected": "<" }, - { + { "version_value": "4.14.0", "version_affected": ">=" }, @@ -502,7 +502,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this vulnerability: Cross-origin resource sharing (CORS) bypass. Sending a specially crafted HTTP request can invoke the Servlet Filter used to respond to CORS requests, resulting in a CORS bypass. An attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victim’s permissions. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4." + "value": "A vulnerability in multiple Atlassian products allows a remote, unauthenticated attacker to cause additional Servlet Filters to be invoked when the application processes requests or responses. Atlassian has confirmed and fixed the only known security issue associated with this vulnerability: Cross-origin resource sharing (CORS) bypass. Sending a specially crafted HTTP request can invoke the Servlet Filter used to respond to CORS requests, resulting in a CORS bypass. An attacker that can trick a user into requesting a malicious URL can access the vulnerable application with the victim\u2019s permissions. Atlassian Bamboo versions are affected before 8.0.9, from 8.1.0 before 8.1.8, and from 8.2.0 before 8.2.4. Atlassian Bitbucket versions are affected before 7.6.16, from 7.7.0 before 7.17.8, from 7.18.0 before 7.19.5, from 7.20.0 before 7.20.2, from 7.21.0 before 7.21.2, and versions 8.0.0 and 8.1.0. Atlassian Confluence versions are affected before 7.4.17, from 7.5.0 before 7.13.7, from 7.14.0 before 7.14.3, from 7.15.0 before 7.15.2, from 7.16.0 before 7.16.4, from 7.17.0 before 7.17.4, and version 7.21.0. Atlassian Crowd versions are affected before 4.3.8, from 4.4.0 before 4.4.2, and version 5.0.0. Atlassian Fisheye and Crucible versions before 4.8.10 are affected. Atlassian Jira versions are affected before 8.13.22, from 8.14.0 before 8.20.10, and from 8.21.0 before 8.22.4. Atlassian Jira Service Management versions are affected before 4.13.22, from 4.14.0 before 4.20.10, and from 4.21.0 before 4.22.4." } ] }, @@ -521,29 +521,45 @@ "references": { "reference_data": [ { - "url": "https://jira.atlassian.com/browse/BAM-21795" + "url": "https://jira.atlassian.com/browse/BAM-21795", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/BAM-21795" }, { - "url": "https://jira.atlassian.com/browse/BSERV-13370" + "url": "https://jira.atlassian.com/browse/BSERV-13370", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/BSERV-13370" }, { - "url": "https://jira.atlassian.com/browse/CONFSERVER-79476" + "url": "https://jira.atlassian.com/browse/CONFSERVER-79476", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/CONFSERVER-79476" }, { - "url": "https://jira.atlassian.com/browse/CWD-5815" + "url": "https://jira.atlassian.com/browse/CWD-5815", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/CWD-5815" }, { - "url": "https://jira.atlassian.com/browse/FE-7410" + "url": "https://jira.atlassian.com/browse/FE-7410", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/FE-7410" }, { - "url": "https://jira.atlassian.com/browse/CRUC-8541" + "url": "https://jira.atlassian.com/browse/CRUC-8541", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/CRUC-8541" }, { - "url": "https://jira.atlassian.com/browse/JRASERVER-73897" + "url": "https://jira.atlassian.com/browse/JRASERVER-73897", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/JRASERVER-73897" }, { - "url": "https://jira.atlassian.com/browse/JSDSERVER-11863" + "url": "https://jira.atlassian.com/browse/JSDSERVER-11863", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/JSDSERVER-11863" } ] } -} +} \ No newline at end of file diff --git a/2022/26xxx/CVE-2022-26138.json b/2022/26xxx/CVE-2022-26138.json index 7c03a56a3ca..f89554078bc 100644 --- a/2022/26xxx/CVE-2022-26138.json +++ b/2022/26xxx/CVE-2022-26138.json @@ -63,11 +63,15 @@ "references": { "reference_data": [ { - "url": "https://jira.atlassian.com/browse/CONFSERVER-79483" + "url": "https://jira.atlassian.com/browse/CONFSERVER-79483", + "refsource": "MISC", + "name": "https://jira.atlassian.com/browse/CONFSERVER-79483" }, { - "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html" + "url": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html", + "refsource": "MISC", + "name": "https://confluence.atlassian.com/doc/confluence-security-advisory-2022-07-20-1142446709.html" } ] } -} +} \ No newline at end of file diff --git a/2022/35xxx/CVE-2022-35569.json b/2022/35xxx/CVE-2022-35569.json index f0ebfc82bd4..488703f9d0a 100644 --- a/2022/35xxx/CVE-2022-35569.json +++ b/2022/35xxx/CVE-2022-35569.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-35569", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-35569", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Blogifier v3.0 was discovered to contain an arbitrary file upload vulnerability at /api/storage/upload/PostImage. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/blogifierdotnet/Blogifier/issues/316", + "refsource": "MISC", + "name": "https://github.com/blogifierdotnet/Blogifier/issues/316" } ] }