mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-07 19:17:10 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
7e78e9b034
commit
40500079b0
@ -56,6 +56,11 @@
|
||||
"url": "https://github.com/wkhtmltopdf/wkhtmltopdf/issues/4536",
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/wkhtmltopdf/wkhtmltopdf/issues/4536"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[debian-lts-announce] 20221024 [SECURITY] [DLA 3158-1] wkhtmltopdf security update",
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00027.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://coreruleset.org/20210630/cve-2021-35368-crs-request-body-bypass/",
|
||||
"url": "https://coreruleset.org/20210630/cve-2021-35368-crs-request-body-bypass/"
|
||||
},
|
||||
{
|
||||
"refsource": "FEDORA",
|
||||
"name": "FEDORA-2022-afa1e7b6c4",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6MS5GMNYHFFIBWLJW7N3XAD24SLF3PFZ/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -58,7 +58,9 @@
|
||||
"url": "https://www.sqlite.org/forum/forumpost/718c0a8d17"
|
||||
},
|
||||
{
|
||||
"url": "https://www.oracle.com/security-alerts/cpujan2022.html"
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -66,6 +66,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup",
|
||||
"url": "http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/devel/ncurses/patches/patch-ncurses_tinfo_captoinfo.c?rev=1.1&content-type=text/x-cvsweb-markup"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -58,14 +58,14 @@
|
||||
"attackComplexity": "Low",
|
||||
"attackVector": "Physical",
|
||||
"availabilityImpact": "High",
|
||||
"baseScore": 7.0,
|
||||
"baseScore": 6.1,
|
||||
"baseSeverity": "High",
|
||||
"confidentialityImpact": "High",
|
||||
"integrityImpact": "High",
|
||||
"privilegesRequired": "High",
|
||||
"scope": "Changed",
|
||||
"scope": "Unchanged",
|
||||
"userInteraction": "Required",
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
|
||||
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
},
|
||||
@ -75,7 +75,7 @@
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper Privilege Management (CWE-269)"
|
||||
"value": "Creation of Temporary File in Directory with Incorrect Permissions (CWE-379)"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -84,6 +84,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -84,6 +84,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -94,6 +94,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -94,6 +94,11 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[debian-lts-announce] 20220516 [SECURITY] [DLA 3011-1] vim security update",
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2022/05/msg00022.html"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -94,6 +94,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -94,6 +94,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -84,6 +84,11 @@
|
||||
"refsource": "FEDORA",
|
||||
"name": "FEDORA-2022-48bf3cb1c4",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZLEHVP4LNAGER4ZDGUDS5V5YVQD6INF/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -94,6 +94,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -94,6 +94,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -104,6 +104,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -109,6 +109,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220930-0007/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220930-0007/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -94,6 +94,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -73,6 +73,11 @@
|
||||
"refsource": "FEDORA",
|
||||
"name": "FEDORA-2022-e9fe21d102",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/C7IWZTB4J2N4F5OR5QY4VHDSKWKZSWN3/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -79,6 +79,11 @@
|
||||
"name": "https://github.com/vim/vim/commit/b62dc5e7825bc195efe3041d5b3a9f1528359e1c",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/vim/vim/commit/b62dc5e7825bc195efe3041d5b3a9f1528359e1c"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -84,6 +84,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -104,6 +104,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -104,6 +104,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-28169",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Privilege escalation"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2075",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2075"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Brocade Webtools in Brocade Fabric OS versions before Brocade Fabric OS versions v9.1.1, v9.0.1e, and v8.2.3c could allow a low privilege webtools, user, to gain elevated admin rights, or privileges, beyond what is intended or entitled for that user. By exploiting this vulnerability, a user whose role is not an admin can create a new user with an admin role using the operator session id. The issue was replicated after intercepting the admin, and operator authorization headers sent unencrypted and editing a user addition request to use the operator's authorization header."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-28170",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS versions before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Insertion of Sensitive Information Into Debugging Code"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2076",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2076"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Brocade Fabric OS Web Application services before Brocade Fabric v9.1.0, v9.0.1e, v8.2.3c, v7.4.2j store server and user passwords in the debug statements. This could allow a local user to extract the passwords from a debug file."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -71,6 +71,21 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220624-0002/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220624-0002/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213494",
|
||||
"url": "https://support.apple.com/kb/HT213494"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213493",
|
||||
"url": "https://support.apple.com/kb/HT213493"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -61,6 +61,11 @@
|
||||
"url": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html",
|
||||
"refsource": "MISC",
|
||||
"name": "https://lists.gnu.org/archive/html/bug-ncurses/2022-04/msg00016.html"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -89,6 +89,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -84,6 +84,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -94,6 +94,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -99,6 +99,11 @@
|
||||
"refsource": "GENTOO",
|
||||
"name": "GLSA-202208-32",
|
||||
"url": "https://security.gentoo.org/glsa/202208-32"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -63,6 +63,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220915-0003/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -68,6 +68,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220915-0003/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -63,6 +63,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220915-0003/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -68,6 +68,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220915-0003/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220915-0003/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -97,6 +97,11 @@
|
||||
"refsource": "MISC",
|
||||
"url": "https://support.apple.com/en-us/HT213444",
|
||||
"name": "https://support.apple.com/en-us/HT213444"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -97,6 +97,11 @@
|
||||
"refsource": "MISC",
|
||||
"url": "https://support.apple.com/en-us/HT213444",
|
||||
"name": "https://support.apple.com/en-us/HT213444"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -97,6 +97,11 @@
|
||||
"refsource": "MISC",
|
||||
"url": "https://support.apple.com/en-us/HT213444",
|
||||
"name": "https://support.apple.com/en-us/HT213444"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -97,6 +97,11 @@
|
||||
"refsource": "MISC",
|
||||
"url": "https://support.apple.com/en-us/HT213444",
|
||||
"name": "https://support.apple.com/en-us/HT213444"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://support.apple.com/kb/HT213488",
|
||||
"url": "https://support.apple.com/kb/HT213488"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-33178",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS versions before Brocade Fabric OS 9.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper input validation"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2077",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2077"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability in the radius authentication system of Brocade Fabric OS before Brocade Fabric OS 9.0 could allow a remote attacker to execute arbitrary code on the Brocade switch."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-33179",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS versions before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Exposure of Sensitive Information to an Unauthorized Actor"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2079",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2079"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with \u201cset context\u201d and escalate privileges."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-33180",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS versions before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper Authorization"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2079",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2079"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5 could allow a local authenticated attacker to export out sensitive files with \u201cseccryptocfg\u201d, \u201cconfigupload\u201d."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-33181",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS versions before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Information disclosure vulnerability"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2083",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2083"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "An information disclosure vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a local authenticated attacker to read sensitive files using switch commands \u201cconfigshow\u201d and \u201csupportlink\u201d."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-33182",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS versions before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Privilege escalation"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2084",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2084"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A privilege escalation vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, could allow a local authenticated user to escalate its privilege to root using switch commands \u201csupportlink\u201d, \u201cfirmwaredownload\u201d, \u201cportcfgupload, license, and \u201cfosexec\u201d."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-33183",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS versions before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Stack Buffer Overflow"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2085",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2085"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j could allow a remote authenticated attacker to perform stack buffer overflow using in \u201cfirmwaredownload\u201d and \u201cdiagshow\u201d commands."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-33184",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS versions before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, 8.2.0cbn5, 7.4.2.j"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Stack Buffer Overflow and Code Execution"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2080",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2080"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "A vulnerability in fab_seg.c.h libraries of all Brocade Fabric OS versions before Brocade Fabric OS v9.1.1, v9.0.1e, v8.2.3c, v8.2.0_cbn5, 7.4.2j could allow local authenticated attackers to exploit stack-based buffer overflows and execute arbitrary code as the root user account."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -4,14 +4,58 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-33185",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "sirt@brocade.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Brocade Fabric OS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Stack Buffer Overflow"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2078",
|
||||
"url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2078"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Several commands in Brocade Fabric OS before Brocade Fabric OS v.9.0.1e, and v9.1.0 use unsafe string functions to process user input. Authenticated local attackers could abuse these vulnerabilities to exploit stack-based buffer overflows, allowing arbitrary code execution as the root user account."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -57,15 +57,15 @@
|
||||
"cvss": {
|
||||
"attackComplexity": "Low",
|
||||
"attackVector": "Network",
|
||||
"availabilityImpact": "Low",
|
||||
"baseScore": 8.3,
|
||||
"availabilityImpact": "High",
|
||||
"baseScore": 8.8,
|
||||
"baseSeverity": "High",
|
||||
"confidentialityImpact": "High",
|
||||
"integrityImpact": "High",
|
||||
"privilegesRequired": "Low",
|
||||
"scope": "Unchanged",
|
||||
"userInteraction": "None",
|
||||
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
},
|
||||
@ -75,7 +75,7 @@
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Incorrect Authorization (CWE-863)"
|
||||
"value": "Improper Access Control (CWE-284)"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -58,14 +58,14 @@
|
||||
"attackComplexity": "Low",
|
||||
"attackVector": "Network",
|
||||
"availabilityImpact": "None",
|
||||
"baseScore": 7.2,
|
||||
"baseScore": 6.1,
|
||||
"baseSeverity": "High",
|
||||
"confidentialityImpact": "Low",
|
||||
"integrityImpact": "Low",
|
||||
"privilegesRequired": "None",
|
||||
"scope": "Changed",
|
||||
"userInteraction": "None",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
|
||||
"userInteraction": "Required",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
},
|
||||
|
||||
@ -58,14 +58,14 @@
|
||||
"attackComplexity": "Low",
|
||||
"attackVector": "Network",
|
||||
"availabilityImpact": "None",
|
||||
"baseScore": 5.5,
|
||||
"baseScore": 4.8,
|
||||
"baseSeverity": "Medium",
|
||||
"confidentialityImpact": "Low",
|
||||
"integrityImpact": "Low",
|
||||
"privilegesRequired": "High",
|
||||
"scope": "Changed",
|
||||
"userInteraction": "None",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N",
|
||||
"userInteraction": "Required",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
},
|
||||
|
||||
@ -67,6 +67,11 @@
|
||||
"refsource": "MISC",
|
||||
"url": "https://lists.apache.org/thread/zltlr7f2ymr2m6jj54k4z0c4foos5fwx",
|
||||
"name": "https://lists.apache.org/thread/zltlr7f2ymr2m6jj54k4z0c4foos5fwx"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221024 CVE-2022-34870: Apache Geode stored Cross-Site Scripting (XSS) via data injection vulnerability in Pulse web application",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/10/24/3"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -66,6 +66,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://glpi-project.org/fr/glpi-10-0-3-disponible/",
|
||||
"url": "https://glpi-project.org/fr/glpi-10-0-3-disponible/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/169501/GLPI-10.0.2-Command-Injection.html",
|
||||
"url": "http://packetstormsecurity.com/files/169501/GLPI-10.0.2-Command-Injection.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -55,7 +55,7 @@
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "High",
|
||||
"attackComplexity": "Low",
|
||||
"attackVector": "Network",
|
||||
"availabilityImpact": "None",
|
||||
"baseScore": 7.5,
|
||||
@ -65,7 +65,7 @@
|
||||
"privilegesRequired": "None",
|
||||
"scope": "Unchanged",
|
||||
"userInteraction": "None",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
|
||||
"version": "3.1"
|
||||
}
|
||||
},
|
||||
|
||||
@ -55,8 +55,8 @@
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "High",
|
||||
"attackVector": "Network",
|
||||
"attackComplexity": "Low",
|
||||
"attackVector": "Local",
|
||||
"availabilityImpact": "High",
|
||||
"baseScore": 7.8,
|
||||
"baseSeverity": "High",
|
||||
@ -64,8 +64,8 @@
|
||||
"integrityImpact": "High",
|
||||
"privilegesRequired": "None",
|
||||
"scope": "Unchanged",
|
||||
"userInteraction": "None",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
||||
"userInteraction": "Required",
|
||||
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||
"version": "3.1"
|
||||
}
|
||||
},
|
||||
|
||||
@ -48,6 +48,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "https://gitlab.com/qemu-project/qemu/-/commit/d307040b18",
|
||||
"url": "https://gitlab.com/qemu-project/qemu/-/commit/d307040b18"
|
||||
},
|
||||
{
|
||||
"refsource": "FEDORA",
|
||||
"name": "FEDORA-2022-8dcdfe7297",
|
||||
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I36LKZA7Z65J3LJU2P37LVTWDFTXBMPU/"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cna@vuldb.com",
|
||||
"ID": "CVE-2022-3527",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "REJECT"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cna@vuldb.com",
|
||||
"ID": "CVE-2022-3528",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "REJECT"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cna@vuldb.com",
|
||||
"ID": "CVE-2022-3529",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "REJECT"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cna@vuldb.com",
|
||||
"ID": "CVE-2022-3530",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "REJECT"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
|
||||
@ -1,12 +1,12 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "cna@vuldb.com",
|
||||
"ID": "CVE-2022-3593",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "REJECT"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"refsource": "MISC",
|
||||
"url": "https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf",
|
||||
"name": "https://lists.apache.org/thread/hplhx0o74jb7blj39fm4kw3otcnjd6xf"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221025 [CVE-2022-41704] Apache Batik information disclosure vulnerability",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/10/25/2"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -4,14 +4,63 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-41711",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "help@fluidattacks.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Badaso",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "2.6.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Remote command execution (RCE)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://fluidattacks.com/advisories/harlow/",
|
||||
"url": "https://fluidattacks.com/advisories/harlow/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/uasoft-indonesia/badaso/issues/802",
|
||||
"url": "https://github.com/uasoft-indonesia/badaso/issues/802"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Badaso version 2.6.0 allows an unauthenticated remote attacker to execute arbitrary code remotely on the server. This is possible because the application does not properly validate the data uploaded by users."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"refsource": "MISC",
|
||||
"url": "https://lists.apache.org/thread/pkvhy0nsj1h1mlon008wtzhosbtxjwly",
|
||||
"name": "https://lists.apache.org/thread/pkvhy0nsj1h1mlon008wtzhosbtxjwly"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20221025 [CVE-2022-42890] Apache Batik information disclosure vulnerability",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/10/25/3"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user