diff --git a/2020/3xxx/CVE-2020-3960.json b/2020/3xxx/CVE-2020-3960.json index d7557dad223..4ff379eb433 100644 --- a/2020/3xxx/CVE-2020-3960.json +++ b/2020/3xxx/CVE-2020-3960.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-3960", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "VMware ESXi, Workstation, and Fusion", + "version": { + "version_data": [ + { + "version_value": "VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Out-of-bounds read vulnerability" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.vmware.com/security/advisories/VMSA-2020-0012.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2020-0012.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine with a virtual NVMe controller present may be able to read privileged information contained in physical memory." } ] } diff --git a/2021/27xxx/CVE-2021-27662.json b/2021/27xxx/CVE-2021-27662.json index dc8a8d1e562..db3c3b06079 100644 --- a/2021/27xxx/CVE-2021-27662.json +++ b/2021/27xxx/CVE-2021-27662.json @@ -1,18 +1,113 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "productsecurity@jci.com", + "DATE_PUBLIC": "2021-09-10T06:01:00.000Z", "ID": "CVE-2021-27662", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "KT-1 Capture-replay" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "KT-1", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "all versions up to and including 3.01", + "version_value": "3.01" + } + ] + } + } + ] + }, + "vendor_name": "Johnson Controls" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Dr. Dave Burke" + }, + { + "lang": "eng", + "value": "Anthony Connor" + }, + { + "lang": "eng", + "value": "Harrison Spisak" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The KT-1 door controller is susceptible to replay or man-in-the-middle attacks where an attacker can record and replay TCP packets. This issue affects Johnson Controls KT-1 all versions up to and including 3.01" } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-294: Authentication Bypass by Capture-replay" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", + "refsource": "CONFIRM", + "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" + }, + { + "name": "ICS-CERT Advisory", + "refsource": "CERT", + "url": "https://us-cert.gov/ics/advisories" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Upgrade the KT-1 controller to version 3.04 and upgrade EntraPass to version 8.40." + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/30xxx/CVE-2021-30137.json b/2021/30xxx/CVE-2021-30137.json index 2a974735d2f..adfc1e606d0 100644 --- a/2021/30xxx/CVE-2021-30137.json +++ b/2021/30xxx/CVE-2021-30137.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-30137", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-30137", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Assyst 10 SP7.5 has authenticated XXE leading to SSRF via XML unmarshalling. The application allows users to send JSON or XML data to the server. It was possible to inject malicious XML data through several access points." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2021-30137.pdf", + "url": "https://github.com/post-cyberlabs/CVE-Advisory/blob/main/CVE-2021-30137.pdf" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:L/I:L/PR:L/S:C/UI:N", + "version": "3.1" + } } } \ No newline at end of file diff --git a/2021/35xxx/CVE-2021-35217.json b/2021/35xxx/CVE-2021-35217.json index a8b82c847f3..5e798dd3bff 100644 --- a/2021/35xxx/CVE-2021-35217.json +++ b/2021/35xxx/CVE-2021-35217.json @@ -1,7 +1,7 @@ { "CVE_data_meta": { "ASSIGNER": "psirt@solarwinds.com", - "DATE_PUBLIC": "2021-09-09T10:03:00.000Z", + "DATE_PUBLIC": "2021-09-02T13:14:00.000Z", "ID": "CVE-2021-35217", "STATE": "PUBLIC", "TITLE": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability. " @@ -13,14 +13,13 @@ "product": { "product_data": [ { - "product_name": "Patch Manager", + "product_name": "Orion Platform ", "version": { "version_data": [ { - "platform": "Windows", "version_affected": "<", "version_name": "2020.2.5 and previous versions", - "version_value": "2020.2.6 HF1" + "version_value": "2020.2.6" } ] } @@ -74,7 +73,7 @@ "description": [ { "lang": "eng", - "value": "CWE-502 Deserialization of Untrusted Data" + "value": "Insecure Deserialization of untrusted data causing Remote code execution vulnerability." } ] } @@ -83,19 +82,19 @@ "references": { "reference_data": [ { - "name": "https://support.solarwinds.com/SuccessCenter/s/article/Patch-Manager-2020-2-6-Hotfix-1-Release-Notes?language=en_US", - "refsource": "CONFIRM", - "url": "https://support.solarwinds.com/SuccessCenter/s/article/Patch-Manager-2020-2-6-Hotfix-1-Release-Notes?language=en_US" + "refsource": "MISC", + "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", + "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm" }, { - "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217", - "refsource": "CONFIRM", - "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217" + "refsource": "MISC", + "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm", + "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/release_notes/orion_platform_2020-2-6_release_notes.htm" }, { - "name": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm", - "refsource": "CONFIRM", - "url": "https://documentation.solarwinds.com/en/success_center/orionplatform/content/core-secure-configuration.htm" + "refsource": "MISC", + "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217", + "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35217" } ] }, @@ -106,6 +105,6 @@ } ], "source": { - "discovery": "EXTERNAL" + "discovery": "UNKNOWN" } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40845.json b/2021/40xxx/CVE-2021-40845.json index ae9ffa2f01f..e14c80265d1 100644 --- a/2021/40xxx/CVE-2021-40845.json +++ b/2021/40xxx/CVE-2021-40845.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-40845", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-40845", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The web part of Zenitel AlphaCom XE Audio Server through 11.2.3.10, called AlphaWeb XE, does not restrict file upload in the Custom Scripts section at php/index.php. Neither the content nor extension of the uploaded files is checked, allowing execution of PHP code under the /cmd directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/164149/Zenitel-AlphaCom-XE-Audio-Server-11.2.3.10-Shell-Upload.html", + "url": "http://packetstormsecurity.com/files/164149/Zenitel-AlphaCom-XE-Audio-Server-11.2.3.10-Shell-Upload.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/ricardojoserf/CVE-2021-40845", + "url": "https://github.com/ricardojoserf/CVE-2021-40845" + }, + { + "refsource": "MISC", + "name": "https://ricardojoserf.github.io/CVE-2021-40845/", + "url": "https://ricardojoserf.github.io/CVE-2021-40845/" } ] } diff --git a/2021/41xxx/CVE-2021-41076.json b/2021/41xxx/CVE-2021-41076.json index 143624938d8..6288bf4ac16 100644 --- a/2021/41xxx/CVE-2021-41076.json +++ b/2021/41xxx/CVE-2021-41076.json @@ -5,13 +5,13 @@ "CVE_data_meta": { "ID": "CVE-2021-41076", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] }