From 4c0a42dbb46741522db1eb8aa2f7bf13ae731346 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 28 Dec 2023 17:00:37 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/25xxx/CVE-2018-25096.json | 18 ++++++ 2021/26xxx/CVE-2021-26427.json | 6 +- 2021/34xxx/CVE-2021-34453.json | 4 +- 2021/38xxx/CVE-2021-38662.json | 2 +- 2021/38xxx/CVE-2021-38663.json | 2 +- 2021/38xxx/CVE-2021-38672.json | 2 +- 2021/40xxx/CVE-2021-40454.json | 2 +- 2021/40xxx/CVE-2021-40455.json | 2 +- 2021/40xxx/CVE-2021-40456.json | 2 +- 2021/40xxx/CVE-2021-40457.json | 84 +++++++++++++++----------- 2021/40xxx/CVE-2021-40460.json | 2 +- 2021/40xxx/CVE-2021-40461.json | 14 +---- 2021/40xxx/CVE-2021-40468.json | 2 +- 2021/40xxx/CVE-2021-40472.json | 2 +- 2021/40xxx/CVE-2021-40475.json | 2 +- 2021/40xxx/CVE-2021-40482.json | 2 +- 2021/40xxx/CVE-2021-40483.json | 2 +- 2021/40xxx/CVE-2021-40486.json | 12 ---- 2021/41xxx/CVE-2021-41332.json | 2 +- 2021/41xxx/CVE-2021-41336.json | 2 +- 2021/41xxx/CVE-2021-41337.json | 2 +- 2021/41xxx/CVE-2021-41338.json | 2 +- 2021/41xxx/CVE-2021-41339.json | 2 +- 2021/41xxx/CVE-2021-41343.json | 2 +- 2021/41xxx/CVE-2021-41346.json | 2 +- 2021/41xxx/CVE-2021-41348.json | 4 +- 2021/41xxx/CVE-2021-41350.json | 6 +- 2021/41xxx/CVE-2021-41352.json | 106 +++++++++++++++++++-------------- 2021/41xxx/CVE-2021-41353.json | 4 +- 2021/41xxx/CVE-2021-41354.json | 4 +- 2021/41xxx/CVE-2021-41355.json | 2 +- 2021/41xxx/CVE-2021-41361.json | 2 +- 2021/41xxx/CVE-2021-41363.json | 62 +++++++++++-------- 2021/42xxx/CVE-2021-42299.json | 2 +- 2023/7xxx/CVE-2023-7131.json | 95 +++++++++++++++++++++++++++-- 2023/7xxx/CVE-2023-7132.json | 95 +++++++++++++++++++++++++++-- 36 files changed, 384 insertions(+), 174 deletions(-) create mode 100644 2018/25xxx/CVE-2018-25096.json diff --git a/2018/25xxx/CVE-2018-25096.json b/2018/25xxx/CVE-2018-25096.json new file mode 100644 index 00000000000..d13e9da8d2b --- /dev/null +++ b/2018/25xxx/CVE-2018-25096.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-25096", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/26xxx/CVE-2021-26427.json b/2021/26xxx/CVE-2021-26427.json index 859e16a740e..8d6b0bb12ed 100644 --- a/2021/26xxx/CVE-2021-26427.json +++ b/2021/26xxx/CVE-2021-26427.json @@ -76,7 +76,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.01.0.0", + "version_name": "15.01.0", "version_value": "15.01.2308.015" } ] @@ -88,7 +88,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.02.0.0", + "version_name": "15.02.0", "version_value": "15.02.0922.014" } ] @@ -113,7 +113,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "CRITICAL", "baseScore": 9, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2021/34xxx/CVE-2021-34453.json b/2021/34xxx/CVE-2021-34453.json index b865130f86d..8abf8272850 100644 --- a/2021/34xxx/CVE-2021-34453.json +++ b/2021/34xxx/CVE-2021-34453.json @@ -52,7 +52,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.02.0.0", + "version_name": "15.02.0", "version_value": "15.02.0922.014" } ] @@ -64,7 +64,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.01.0.0", + "version_name": "15.01.0", "version_value": "15.01.2308.015" } ] diff --git a/2021/38xxx/CVE-2021-38662.json b/2021/38xxx/CVE-2021-38662.json index ef271fb0cd2..d687f82dd8a 100644 --- a/2021/38xxx/CVE-2021-38662.json +++ b/2021/38xxx/CVE-2021-38662.json @@ -377,7 +377,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/38xxx/CVE-2021-38663.json b/2021/38xxx/CVE-2021-38663.json index 1933d1d1e38..3d7f40abe14 100644 --- a/2021/38xxx/CVE-2021-38663.json +++ b/2021/38xxx/CVE-2021-38663.json @@ -377,7 +377,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/38xxx/CVE-2021-38672.json b/2021/38xxx/CVE-2021-38672.json index f1c0303c1cb..f143b7bf191 100644 --- a/2021/38xxx/CVE-2021-38672.json +++ b/2021/38xxx/CVE-2021-38672.json @@ -77,7 +77,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 8, "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40454.json b/2021/40xxx/CVE-2021-40454.json index a3e0a7d0b11..3d25b3790bf 100644 --- a/2021/40xxx/CVE-2021-40454.json +++ b/2021/40xxx/CVE-2021-40454.json @@ -377,7 +377,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:F/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40455.json b/2021/40xxx/CVE-2021-40455.json index 0f5a6e50401..cf1f864f820 100644 --- a/2021/40xxx/CVE-2021-40455.json +++ b/2021/40xxx/CVE-2021-40455.json @@ -377,7 +377,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40456.json b/2021/40xxx/CVE-2021-40456.json index df7c693c3e5..717c6590b11 100644 --- a/2021/40xxx/CVE-2021-40456.json +++ b/2021/40xxx/CVE-2021-40456.json @@ -113,7 +113,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40457.json b/2021/40xxx/CVE-2021-40457.json index 43feeab69b0..c4dca0ade69 100644 --- a/2021/40xxx/CVE-2021-40457.json +++ b/2021/40xxx/CVE-2021-40457.json @@ -1,45 +1,12 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2021-40457", + "ASSIGNER": "secure@microsoft.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Microsoft Dynamics 365 Customer Engagement V9.1", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Microsoft Dynamics 365 Customer Engagement V9.0", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, "description": { "description_data": [ { @@ -60,6 +27,43 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Microsoft Dynamics 365 Customer Engagement V9.1", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "9.0", + "version_value": "9.1.4" + } + ] + } + }, + { + "product_name": "Microsoft Dynamics 365 Customer Engagement V9.0", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "9.0.0", + "version_value": "9.0.31.7" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { @@ -68,5 +72,15 @@ "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-40457" } ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.4, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N/E:F/RL:O/RC:C" + } + ] } } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40460.json b/2021/40xxx/CVE-2021-40460.json index 160ea2d055a..41b8c9078b6 100644 --- a/2021/40xxx/CVE-2021-40460.json +++ b/2021/40xxx/CVE-2021-40460.json @@ -341,7 +341,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40461.json b/2021/40xxx/CVE-2021-40461.json index e08eee7bad1..9f3998d6ff6 100644 --- a/2021/40xxx/CVE-2021-40461.json +++ b/2021/40xxx/CVE-2021-40461.json @@ -130,18 +130,6 @@ ] } }, - { - "product_name": "Windows 10 Version 20H2", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "10.0.0", - "version_value": "10.0.19042.1288" - } - ] - } - }, { "product_name": "Windows Server version 20H2", "version": { @@ -185,7 +173,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "CRITICAL", + "baseSeverity": "HIGH", "baseScore": 8, "vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40468.json b/2021/40xxx/CVE-2021-40468.json index 817a66e9709..4b1d962fe97 100644 --- a/2021/40xxx/CVE-2021-40468.json +++ b/2021/40xxx/CVE-2021-40468.json @@ -137,7 +137,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40472.json b/2021/40xxx/CVE-2021-40472.json index 31c4731e223..d9361db84d7 100644 --- a/2021/40xxx/CVE-2021-40472.json +++ b/2021/40xxx/CVE-2021-40472.json @@ -161,7 +161,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40475.json b/2021/40xxx/CVE-2021-40475.json index 8a2fa12a2f8..e0824b7e2c8 100644 --- a/2021/40xxx/CVE-2021-40475.json +++ b/2021/40xxx/CVE-2021-40475.json @@ -185,7 +185,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40482.json b/2021/40xxx/CVE-2021-40482.json index a3c8213b07c..856718e98f2 100644 --- a/2021/40xxx/CVE-2021-40482.json +++ b/2021/40xxx/CVE-2021-40482.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40483.json b/2021/40xxx/CVE-2021-40483.json index 9694eee1fd3..48741804fdf 100644 --- a/2021/40xxx/CVE-2021-40483.json +++ b/2021/40xxx/CVE-2021-40483.json @@ -65,7 +65,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "LOW", + "baseSeverity": "HIGH", "baseScore": 7.6, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C" } diff --git a/2021/40xxx/CVE-2021-40486.json b/2021/40xxx/CVE-2021-40486.json index 7f7983b479d..b3a087e28a1 100644 --- a/2021/40xxx/CVE-2021-40486.json +++ b/2021/40xxx/CVE-2021-40486.json @@ -118,18 +118,6 @@ ] } }, - { - "product_name": "Microsoft Word 2013 RT Service Pack 1", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "15.0.1", - "version_value": "15.0.5389.1000" - } - ] - } - }, { "product_name": "Microsoft Word 2013 Service Pack 1", "version": { diff --git a/2021/41xxx/CVE-2021-41332.json b/2021/41xxx/CVE-2021-41332.json index 8841e18be4f..77a6a19a6e3 100644 --- a/2021/41xxx/CVE-2021-41332.json +++ b/2021/41xxx/CVE-2021-41332.json @@ -377,7 +377,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41336.json b/2021/41xxx/CVE-2021-41336.json index d6e990f4f16..2475bbcf8f7 100644 --- a/2021/41xxx/CVE-2021-41336.json +++ b/2021/41xxx/CVE-2021-41336.json @@ -77,7 +77,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41337.json b/2021/41xxx/CVE-2021-41337.json index ce648de7f4a..4881a64b184 100644 --- a/2021/41xxx/CVE-2021-41337.json +++ b/2021/41xxx/CVE-2021-41337.json @@ -137,7 +137,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 4.9, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41338.json b/2021/41xxx/CVE-2021-41338.json index 2878c26f4b5..75ffb230d22 100644 --- a/2021/41xxx/CVE-2021-41338.json +++ b/2021/41xxx/CVE-2021-41338.json @@ -233,7 +233,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41339.json b/2021/41xxx/CVE-2021-41339.json index c704c4a0d2d..4870b668c2b 100644 --- a/2021/41xxx/CVE-2021-41339.json +++ b/2021/41xxx/CVE-2021-41339.json @@ -149,7 +149,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 4.7, "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:P/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41343.json b/2021/41xxx/CVE-2021-41343.json index 2e11be15171..6011d9275d6 100644 --- a/2021/41xxx/CVE-2021-41343.json +++ b/2021/41xxx/CVE-2021-41343.json @@ -377,7 +377,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41346.json b/2021/41xxx/CVE-2021-41346.json index 9ddcdff63e5..e0246fa6bd2 100644 --- a/2021/41xxx/CVE-2021-41346.json +++ b/2021/41xxx/CVE-2021-41346.json @@ -113,7 +113,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.3, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41348.json b/2021/41xxx/CVE-2021-41348.json index b9089ff4545..4e72cb82a7b 100644 --- a/2021/41xxx/CVE-2021-41348.json +++ b/2021/41xxx/CVE-2021-41348.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.01.0.0", + "version_name": "15.01.0", "version_value": "15.01.2308.015" } ] @@ -52,7 +52,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.02.0.0", + "version_name": "15.02.0", "version_value": "15.02.0922.014" } ] diff --git a/2021/41xxx/CVE-2021-41350.json b/2021/41xxx/CVE-2021-41350.json index 2830688712c..3c0489c9b2b 100644 --- a/2021/41xxx/CVE-2021-41350.json +++ b/2021/41xxx/CVE-2021-41350.json @@ -40,7 +40,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.01.0.0", + "version_name": "15.01.0", "version_value": "15.01.2308.015" } ] @@ -52,7 +52,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "15.02.0.0", + "version_name": "15.02.0", "version_value": "15.02.0922.014" } ] @@ -101,7 +101,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 6.5, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41352.json b/2021/41xxx/CVE-2021-41352.json index 02864bf67ab..3d9388f4d62 100644 --- a/2021/41xxx/CVE-2021-41352.json +++ b/2021/41xxx/CVE-2021-41352.json @@ -1,55 +1,12 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2021-41352", + "ASSIGNER": "secure@microsoft.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "System Center 2016 Operations Manager", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "System Center 2019 Operations Manager", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "System Center 2012 R2 Operations Manager", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, "description": { "description_data": [ { @@ -70,6 +27,55 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "System Center 2016 Operations Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "7.2.0.0", + "version_value": "7.2.12335.0" + } + ] + } + }, + { + "product_name": "System Center 2019 Operations Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "10.0.0.0", + "version_value": "10.19.10550.0" + } + ] + } + }, + { + "product_name": "System Center 2012 R2 Operations Manager", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "7.1.0.0", + "version_value": "7.1.10226.1413" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { @@ -78,5 +84,15 @@ "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41352" } ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "HIGH", + "baseScore": 7.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" + } + ] } } \ No newline at end of file diff --git a/2021/41xxx/CVE-2021-41353.json b/2021/41xxx/CVE-2021-41353.json index 126136ad77c..d0118130a1f 100644 --- a/2021/41xxx/CVE-2021-41353.json +++ b/2021/41xxx/CVE-2021-41353.json @@ -52,7 +52,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.4" } ] @@ -77,7 +77,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41354.json b/2021/41xxx/CVE-2021-41354.json index 3bbc161667e..124064dc168 100644 --- a/2021/41xxx/CVE-2021-41354.json +++ b/2021/41xxx/CVE-2021-41354.json @@ -52,7 +52,7 @@ "version_data": [ { "version_affected": "<", - "version_name": "9.1.0", + "version_name": "9.0", "version_value": "9.1.4" } ] @@ -77,7 +77,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41355.json b/2021/41xxx/CVE-2021-41355.json index 59b281d553c..75c35229750 100644 --- a/2021/41xxx/CVE-2021-41355.json +++ b/2021/41xxx/CVE-2021-41355.json @@ -106,7 +106,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.7, "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41361.json b/2021/41xxx/CVE-2021-41361.json index f82335a4890..5305a82e96d 100644 --- a/2021/41xxx/CVE-2021-41361.json +++ b/2021/41xxx/CVE-2021-41361.json @@ -137,7 +137,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.4, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C" } diff --git a/2021/41xxx/CVE-2021-41363.json b/2021/41xxx/CVE-2021-41363.json index 6e7c081f1e9..61efaa85801 100644 --- a/2021/41xxx/CVE-2021-41363.json +++ b/2021/41xxx/CVE-2021-41363.json @@ -1,35 +1,12 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", "ID": "CVE-2021-41363", + "ASSIGNER": "secure@microsoft.com", "STATE": "PUBLIC" }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Intune management extension", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } - ] - }, - "vendor_name": "Microsoft" - } - ] - } - }, "description": { "description_data": [ { @@ -50,6 +27,31 @@ } ] }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Microsoft", + "product": { + "product_data": [ + { + "product_name": "Intune management extension", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "1.0.0.0", + "version_value": "1.45.204.0" + } + ] + } + } + ] + } + } + ] + } + }, "references": { "reference_data": [ { @@ -58,5 +60,15 @@ "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-41363" } ] + }, + "impact": { + "cvss": [ + { + "version": "3.1", + "baseSeverity": "MEDIUM", + "baseScore": 4.2, + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C" + } + ] } } \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42299.json b/2021/42xxx/CVE-2021-42299.json index 0c221ac192a..d422182bdd4 100644 --- a/2021/42xxx/CVE-2021-42299.json +++ b/2021/42xxx/CVE-2021-42299.json @@ -64,7 +64,7 @@ "cvss": [ { "version": "3.1", - "baseSeverity": "HIGH", + "baseSeverity": "MEDIUM", "baseScore": 5.6, "vectorString": "CVSS:3.1/AV:P/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N/E:P/RL:U/RC:C" } diff --git a/2023/7xxx/CVE-2023-7131.json b/2023/7xxx/CVE-2023-7131.json index 6b2ffeace8e..35f8ca87e1b 100644 --- a/2023/7xxx/CVE-2023-7131.json +++ b/2023/7xxx/CVE-2023-7131.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-7131", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in code-projects Intern Membership Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /user_registration/ of the component User Registration. The manipulation of the argument userName leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-249134 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in code-projects Intern Membership Management System 2.0 gefunden. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /user_registration/ der Komponente User Registration. Mittels Manipulieren des Arguments userName mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "code-projects", + "product": { + "product_data": [ + { + "product_name": "Intern Membership Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.249134", + "refsource": "MISC", + "name": "https://vuldb.com/?id.249134" + }, + { + "url": "https://vuldb.com/?ctiid.249134", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.249134" + }, + { + "url": "https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-SQL-Injection.md", + "refsource": "MISC", + "name": "https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-SQL-Injection.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Hamdi Sevben (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5.8, + "vectorString": "AV:A/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/7xxx/CVE-2023-7132.json b/2023/7xxx/CVE-2023-7132.json index 3155e123515..bc7389b9ff4 100644 --- a/2023/7xxx/CVE-2023-7132.json +++ b/2023/7xxx/CVE-2023-7132.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2023-7132", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in code-projects Intern Membership Management System 2.0. It has been classified as problematic. This affects an unknown part of the file /user_registration/ of the component User Registration. The manipulation of the argument userName/firstName/lastName/userEmail with the input \">h0la leads to cross site scripting. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-249135." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in code-projects Intern Membership Management System 2.0 ausgemacht. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Datei /user_registration/ der Komponente User Registration. Durch das Manipulieren des Arguments userName/firstName/lastName/userEmail mit der Eingabe \">h0la mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "code-projects", + "product": { + "product_data": [ + { + "product_name": "Intern Membership Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "2.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.249135", + "refsource": "MISC", + "name": "https://vuldb.com/?id.249135" + }, + { + "url": "https://vuldb.com/?ctiid.249135", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.249135" + }, + { + "url": "https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-Stored_Cross_site_Scripting.md", + "refsource": "MISC", + "name": "https://github.com/h4md153v63n/CVEs/blob/main/Intern_Membership_Management_System/Intern_Membership_Management_System-Stored_Cross_site_Scripting.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Hamdi Sevben (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 3.3, + "vectorString": "AV:A/AC:L/Au:N/C:N/I:P/A:N" } ] }