admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

JPCERT/CC 2021-01-28-18-53

Browse Source
This commit is contained in:
Ikuya Fukumoto 2021-01-28 18:54:47 +09:00
parent 17df431556
commit 4a022c409c
No known key found for this signature in database
GPG Key ID: 603034D3468A3441
4 changed files with 197 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

50
2020/5xxx/CVE-2020-5626.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-5626",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Infoscience Corporation",
"product": {
"product_data": [
{
"product_name": "Logstorage and ELC Analytics",
"version": {
"version_data": [
{
"version_value": "Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.logstorage.com/support/vulnerability_info.html#jvn-41853173"
},
{
"url": "https://jvn.jp/en/jp/JVN41853173/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Logstorage version 8.0.0 and earlier, and ELC Analytics version 3.0.0 and earlier allow remote attackers to execute arbitrary OS commands via a specially crafted log file."
}
]
}

53
2021/20xxx/CVE-2021-20620.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20620",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NEC Corporation",
"product": {
"product_data": [
{
"product_name": "Aterm WF800HP",
"version": {
"version_data": [
{
"version_value": "Aterm WF800HP firmware Ver1.0.9 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.aterm.jp/support/tech/2019/0328.html"
},
{
"url": "https://jpn.nec.com/security-info/secinfo/nv21-005.html"
},
{
"url": "https://jvn.jp/en/jp/JVN38248512/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in Aterm WF800HP firmware Ver1.0.9 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors."
}
]
}

53
2021/20xxx/CVE-2021-20621.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20621",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NEC Corporation",
"product": {
"product_data": [
{
"product_name": "Aterm WG2600HP and Aterm WG2600HP2",
"version": {
"version_data": [
{
"version_value": "Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.aterm.jp/support/tech/2019/0328.html"
},
{
"url": "https://jpn.nec.com/security-info/secinfo/nv21-005.html"
},
{
"url": "https://jvn.jp/en/jp/JVN38248512/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site request forgery (CSRF) vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to hijack the authentication of administrators via unspecified vectors."
}
]
}

53
2021/20xxx/CVE-2021-20622.json
View File

@ -4,14 +4,61 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20622",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "vultures@jpcert.or.jp"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NEC Corporation",
"product": {
"product_data": [
{
"product_name": "Aterm WG2600HP and Aterm WG2600HP2",
"version": {
"version_data": [
{
"version_value": "Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.aterm.jp/support/tech/2019/0328.html"
},
{
"url": "https://jpn.nec.com/security-info/secinfo/nv21-005.html"
},
{
"url": "https://jvn.jp/en/jp/JVN38248512/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in Aterm WG2600HP firmware Ver1.0.2 and earlier, and Aterm WG2600HP2 firmware Ver1.0.2 and earlier allows remote attackers to inject an arbitrary script via unspecified vectors."
}
]
}