diff --git a/2020/20xxx/CVE-2020-20264.json b/2020/20xxx/CVE-2020-20264.json index 57cb8c36010..d7fcacca7b2 100644 --- a/2020/20xxx/CVE-2020-20264.json +++ b/2020/20xxx/CVE-2020-20264.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20264", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20264", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mikrotik RouterOs before 6.47 (stable tree) in the /ram/pckg/advanced-tools/nova/bin/netwatch process. An authenticated remote attacker can cause a Denial of Service due to a divide by zero error." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_netwatch/README.md", + "refsource": "MISC", + "name": "https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_netwatch/README.md" + }, + { + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2021/May/11", + "url": "https://seclists.org/fulldisclosure/2021/May/11" } ] } diff --git a/2020/20xxx/CVE-2020-20266.json b/2020/20xxx/CVE-2020-20266.json index 540fc162a0b..1518d9c3883 100644 --- a/2020/20xxx/CVE-2020-20266.json +++ b/2020/20xxx/CVE-2020-20266.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-20266", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-20266", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Mikrotik RouterOs before 6.47 (stable tree) suffers from a memory corruption vulnerability in the /nova/bin/dot1x process. An authenticated remote attacker can cause a Denial of Service (NULL pointer dereference)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_dot1x/README.md", + "refsource": "MISC", + "name": "https://github.com/cq674350529/pocs_slides/blob/master/pocs/MikroTik/vul_dot1x/README.md" + }, + { + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2021/May/11", + "url": "https://seclists.org/fulldisclosure/2021/May/11" } ] } diff --git a/2021/21xxx/CVE-2021-21733.json b/2021/21xxx/CVE-2021-21733.json index 0148abacadf..eab937ae7fb 100644 --- a/2021/21xxx/CVE-2021-21733.json +++ b/2021/21xxx/CVE-2021-21733.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21733", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "psirt@zte.com.cn", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Leak" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304", + "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1015304" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The management system of ZXCDN is impacted by the information leak vulnerability. Attackers can make further analysis according to the information returned by the program, and then obtain some sensitive information. This affects ZXCDN V7.01 all versions up to IAMV7.01.01.02." } ] }