From 4c9f8d84984804edc2c254a2101af7c7cac223a7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 29 Jan 2021 19:00:41 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/24xxx/CVE-2020-24664.json | 61 +++++++++++++++++++++++++++++---- 2020/24xxx/CVE-2020-24665.json | 61 +++++++++++++++++++++++++++++---- 2020/24xxx/CVE-2020-24666.json | 61 +++++++++++++++++++++++++++++---- 2020/24xxx/CVE-2020-24669.json | 61 +++++++++++++++++++++++++++++---- 2020/24xxx/CVE-2020-24670.json | 61 +++++++++++++++++++++++++++++---- 2020/29xxx/CVE-2020-29394.json | 2 +- 2021/25xxx/CVE-2021-25124.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25125.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25126.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25127.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25128.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25129.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25130.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25131.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25132.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25133.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25134.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25135.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25136.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25137.json | 62 ++++++++++++++++++++++++++++++++-- 2021/25xxx/CVE-2021-25138.json | 62 ++++++++++++++++++++++++++++++++-- 2021/3xxx/CVE-2021-3347.json | 10 ++++++ 22 files changed, 1171 insertions(+), 76 deletions(-) diff --git a/2020/24xxx/CVE-2020-24664.json b/2020/24xxx/CVE-2020-24664.json index 90b5b8ba9b4..0ad05b45260 100644 --- a/2020/24xxx/CVE-2020-24664.json +++ b/2020/24xxx/CVE-2020-24664.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24664", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24664", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'pho:title' attribute of 'dashboardXml' parameter. Remediated in >= 7.1.0.25, >= 8.2.0.6, and >= 8.3.0.0 GA." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.accenture.com", + "refsource": "MISC", + "name": "https://www.accenture.com" + }, + { + "refsource": "MISC", + "name": "https://support.pentaho.com/hc/en-us/articles/360050965992-hirt-sec-2020-601-Multiple-Vulnerabilities-in-Pentaho", + "url": "https://support.pentaho.com/hc/en-us/articles/360050965992-hirt-sec-2020-601-Multiple-Vulnerabilities-in-Pentaho" } ] } diff --git a/2020/24xxx/CVE-2020-24665.json b/2020/24xxx/CVE-2020-24665.json index 5ef14561c73..3b7d522e17c 100644 --- a/2020/24xxx/CVE-2020-24665.json +++ b/2020/24xxx/CVE-2020-24665.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24665", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24665", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains an XML Entity Expansion injection vulnerability, which allows an authenticated remote users to trigger a denial of service (DoS) condition. Specifically, the vulnerability lies in the 'dashboardXml' parameter. Remediated in >= 7.1.0.25, >= 8.2.0.6, >= 8.3.0.0 GA" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.accenture.com", + "refsource": "MISC", + "name": "https://www.accenture.com" + }, + { + "refsource": "MISC", + "name": "http://www.hitachi.com/hirt/hitachi-sec/2020/601.html", + "url": "http://www.hitachi.com/hirt/hitachi-sec/2020/601.html" } ] } diff --git a/2020/24xxx/CVE-2020-24666.json b/2020/24xxx/CVE-2020-24666.json index d462fd1fece..7c3b3dbac56 100644 --- a/2020/24xxx/CVE-2020-24666.json +++ b/2020/24xxx/CVE-2020-24666.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24666", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24666", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a stored Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'Display Name' parameter. Remediated in >= 9.1.0.1" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.accenture.com", + "refsource": "MISC", + "name": "https://www.accenture.com" + }, + { + "refsource": "MISC", + "name": "http://www.hitachi.com/hirt/hitachi-sec/2020/601.html", + "url": "http://www.hitachi.com/hirt/hitachi-sec/2020/601.html" } ] } diff --git a/2020/24xxx/CVE-2020-24669.json b/2020/24xxx/CVE-2020-24669.json index 2f9f5c6c9c8..83515b15f13 100644 --- a/2020/24xxx/CVE-2020-24669.json +++ b/2020/24xxx/CVE-2020-24669.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24669", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24669", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The New Analysis Report in Hitachi Vantara Pentaho through 7.x - 8.x contains a DOM-based Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'Analysis Report Description' field in 'About this Report' section. Remediated in >= 8.3.0.9, >= 9.0.0.1, and >= 9.1.0.0 GA." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.accenture.com", + "refsource": "MISC", + "name": "https://www.accenture.com" + }, + { + "refsource": "MISC", + "name": "http://www.hitachi.com/hirt/hitachi-sec/2020/601.html", + "url": "http://www.hitachi.com/hirt/hitachi-sec/2020/601.html" } ] } diff --git a/2020/24xxx/CVE-2020-24670.json b/2020/24xxx/CVE-2020-24670.json index 9912c4f9a82..e7a2344b0ba 100644 --- a/2020/24xxx/CVE-2020-24670.json +++ b/2020/24xxx/CVE-2020-24670.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-24670", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-24670", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Dashboard Editor in Hitachi Vantara Pentaho through 7.x - 8.x contains a reflected Cross-site scripting vulnerability, which allows an authenticated remote users to execute arbitrary JavaScript code. Specifically, the vulnerability lies in the 'type' attribute of 'dashboardXml' parameter. Remediated in >= 7.1.0.25, >= 8.2.0.6, and >= 8.3.0.0 GA." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.accenture.com", + "refsource": "MISC", + "name": "https://www.accenture.com" + }, + { + "refsource": "MISC", + "name": "http://www.hitachi.com/hirt/hitachi-sec/2020/601.html", + "url": "http://www.hitachi.com/hirt/hitachi-sec/2020/601.html" } ] } diff --git a/2020/29xxx/CVE-2020-29394.json b/2020/29xxx/CVE-2020-29394.json index 541a6090566..b1e8c67e009 100644 --- a/2020/29xxx/CVE-2020-29394.json +++ b/2020/29xxx/CVE-2020-29394.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "A buffer overflow in the dlt_filter_load function in dlt_common.c in dlt-daemon 2.8.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in a format argument)." + "value": "A buffer overflow in the dlt_filter_load function in dlt_common.c from dlt-daemon 2.18.5 (GENIVI Diagnostic Log and Trace) allows arbitrary code execution because fscanf is misused (no limit on the number of characters to be read in the format argument)." } ] }, diff --git a/2021/25xxx/CVE-2021-25124.json b/2021/25xxx/CVE-2021-25124.json index 7849351b6b1..ad04dfc57e6 100644 --- a/2021/25xxx/CVE-2021-25124.json +++ b/2021/25xxx/CVE-2021-25124.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25124", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice deletevideo_func function path traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice deletevideo_func function path traversal vulnerability." } ] } diff --git a/2021/25xxx/CVE-2021-25125.json b/2021/25xxx/CVE-2021-25125.json index a6ef81da489..45b74c8532f 100644 --- a/2021/25xxx/CVE-2021-25125.json +++ b/2021/25xxx/CVE-2021-25125.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25125", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice delsolrecordedvideo_func function path traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice delsolrecordedvideo_func function path traversal vulnerability." } ] } diff --git a/2021/25xxx/CVE-2021-25126.json b/2021/25xxx/CVE-2021-25126.json index d300197d99a..5d4dec7c598 100644 --- a/2021/25xxx/CVE-2021-25126.json +++ b/2021/25xxx/CVE-2021-25126.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25126", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice downloadkvmjnlp_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice downloadkvmjnlp_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25127.json b/2021/25xxx/CVE-2021-25127.json index 624bf7b1d16..7c09932da42 100644 --- a/2021/25xxx/CVE-2021-25127.json +++ b/2021/25xxx/CVE-2021-25127.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25127", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice generatesslcertificate_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice generatesslcertificate_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25128.json b/2021/25xxx/CVE-2021-25128.json index 9cdeba543dd..bfe23567a4f 100644 --- a/2021/25xxx/CVE-2021-25128.json +++ b/2021/25xxx/CVE-2021-25128.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25128", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice gethelpdata_func function path traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice gethelpdata_func function path traversal vulnerability." } ] } diff --git a/2021/25xxx/CVE-2021-25129.json b/2021/25xxx/CVE-2021-25129.json index 614177ed6da..fa954d34305 100644 --- a/2021/25xxx/CVE-2021-25129.json +++ b/2021/25xxx/CVE-2021-25129.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25129", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice getvideodata_func function path traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local spx_restservice getvideodata_func function path traversal vulnerability." } ] } diff --git a/2021/25xxx/CVE-2021-25130.json b/2021/25xxx/CVE-2021-25130.json index f31e8f9843c..45c60e09063 100644 --- a/2021/25xxx/CVE-2021-25130.json +++ b/2021/25xxx/CVE-2021-25130.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25130", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice setactdir_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setactdir_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25131.json b/2021/25xxx/CVE-2021-25131.json index 98bd3bab282..f7939e46b75 100644 --- a/2021/25xxx/CVE-2021-25131.json +++ b/2021/25xxx/CVE-2021-25131.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25131", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice setfwimagelocation_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setfwimagelocation_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25132.json b/2021/25xxx/CVE-2021-25132.json index cea0f5357c4..421ec604820 100644 --- a/2021/25xxx/CVE-2021-25132.json +++ b/2021/25xxx/CVE-2021-25132.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25132", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice setmediaconfig_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setmediaconfig_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25133.json b/2021/25xxx/CVE-2021-25133.json index db2e02aae2b..4ce1721d357 100644 --- a/2021/25xxx/CVE-2021-25133.json +++ b/2021/25xxx/CVE-2021-25133.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25133", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice setradiusconfig_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setradiusconfig_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25134.json b/2021/25xxx/CVE-2021-25134.json index 4bff6a4b157..c65377b98f8 100644 --- a/2021/25xxx/CVE-2021-25134.json +++ b/2021/25xxx/CVE-2021-25134.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25134", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "spx_restservice setremoteimageinfo_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setremoteimageinfo_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25135.json b/2021/25xxx/CVE-2021-25135.json index 561997b809e..48a2993d298 100644 --- a/2021/25xxx/CVE-2021-25135.json +++ b/2021/25xxx/CVE-2021-25135.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25135", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice setsmtp_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsmtp_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25136.json b/2021/25xxx/CVE-2021-25136.json index aefe2713090..ee1d906d58f 100644 --- a/2021/25xxx/CVE-2021-25136.json +++ b/2021/25xxx/CVE-2021-25136.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25136", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "spx_restservice setsolvideoremotestorage_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice setsolvideoremotestorage_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25137.json b/2021/25xxx/CVE-2021-25137.json index e36b655f15a..5f014e96a1c 100644 --- a/2021/25xxx/CVE-2021-25137.json +++ b/2021/25xxx/CVE-2021-25137.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25137", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice startflash_func function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice startflash_func function." } ] } diff --git a/2021/25xxx/CVE-2021-25138.json b/2021/25xxx/CVE-2021-25138.json index 4467cd5d032..0b030109975 100644 --- a/2021/25xxx/CVE-2021-25138.json +++ b/2021/25xxx/CVE-2021-25138.json @@ -4,14 +4,70 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-25138", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server", + "version": { + "version_data": [ + { + "version_value": "Version. 1.09.0.0" + }, + { + "version_value": "Version 1.07.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.10.0.0" + }, + { + "version_value": "Version 1.08.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "local spx_restservice uploadsshkey function buffer overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us", + "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf04073en_us" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Baseboard Management Controller(BMC) in HPE Cloudline CL5800 Gen9 Server; HPE Cloudline CL5200 Gen9 Server; HPE Cloudline CL4100 Gen10 Server; HPE Cloudline CL3100 Gen10 Server; HPE Cloudline CL5800 Gen10 Server BMC firmware has a local buffer overlfow in spx_restservice uploadsshkey function." } ] } diff --git a/2021/3xxx/CVE-2021-3347.json b/2021/3xxx/CVE-2021-3347.json index 032e6784d74..5470430a97b 100644 --- a/2021/3xxx/CVE-2021-3347.json +++ b/2021/3xxx/CVE-2021-3347.json @@ -101,6 +101,16 @@ "refsource": "MISC", "name": "https://www.openwall.com/lists/oss-security/2021/01/29/1", "url": "https://www.openwall.com/lists/oss-security/2021/01/29/1" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20210129 Re: Linux Kernel: local priv escalation via futexes", + "url": "http://www.openwall.com/lists/oss-security/2021/01/29/5" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20210129 Re: Linux Kernel: local priv escalation via futexes", + "url": "http://www.openwall.com/lists/oss-security/2021/01/29/4" } ] }