diff --git a/2021/23xxx/CVE-2021-23265.json b/2021/23xxx/CVE-2021-23265.json index e5d0de68de9..9089d7d352e 100644 --- a/2021/23xxx/CVE-2021-23265.json +++ b/2021/23xxx/CVE-2021-23265.json @@ -82,8 +82,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601" + "refsource": "MISC", + "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601", + "name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051601" } ] }, diff --git a/2021/23xxx/CVE-2021-23266.json b/2021/23xxx/CVE-2021-23266.json index e32b25550a3..141f0bca187 100644 --- a/2021/23xxx/CVE-2021-23266.json +++ b/2021/23xxx/CVE-2021-23266.json @@ -82,8 +82,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602" + "refsource": "MISC", + "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602", + "name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051602" } ] }, diff --git a/2021/23xxx/CVE-2021-23267.json b/2021/23xxx/CVE-2021-23267.json index 56b50b11bcc..7eab5bee2be 100644 --- a/2021/23xxx/CVE-2021-23267.json +++ b/2021/23xxx/CVE-2021-23267.json @@ -44,7 +44,7 @@ "description_data": [ { "lang": "eng", - "value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods.\n\n" + "value": "Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via FreeMarker static methods." } ] }, @@ -82,8 +82,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051603" + "refsource": "MISC", + "url": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051603", + "name": "https://docs.craftercms.org/en/3.1/security/advisory.html#cv-2022051603" } ] }, diff --git a/2021/27xxx/CVE-2021-27442.json b/2021/27xxx/CVE-2021-27442.json index a26f37b027d..16af03c6bb9 100644 --- a/2021/27xxx/CVE-2021-27442.json +++ b/2021/27xxx/CVE-2021-27442.json @@ -1,18 +1,170 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2021-03-23T17:00:00.000Z", "ID": "CVE-2021-27442", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Weintek EasyWeb cMT Cross-site Scripting" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "cMT-SVR-1xx/2xx", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210305" + } + ] + } + }, + { + "product_name": "cMT-G01/G02", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": " 20210209" + } + ] + } + }, + { + "product_name": "cMT-G03/G04", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210222" + } + ] + } + }, + { + "product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210218" + } + ] + } + }, + { + "product_name": "cMT-HDM", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210204" + } + ] + } + }, + { + "product_name": "cMT-FHD", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210208" + } + ] + } + }, + { + "product_name": "cMT-CTRL01", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210302" + } + ] + } + } + ] + }, + "vendor_name": "Weintek" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Weintek cMT product line is vulnerable to a cross-site scripting vulnerability, which could allow an unauthenticated remote attacker to inject malicious JavaScript code." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 9.4, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Cross-site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01", + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01" + }, + { + "name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf", + "refsource": "CONFIRM", + "url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf" + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27444.json b/2021/27xxx/CVE-2021-27444.json index f99f3e18b92..4bcf303d301 100644 --- a/2021/27xxx/CVE-2021-27444.json +++ b/2021/27xxx/CVE-2021-27444.json @@ -1,18 +1,170 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2021-03-23T17:00:00.000Z", "ID": "CVE-2021-27444", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Weintek EasyWeb cMT Improper Access Control" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "cMT-SVR-1xx/2xx", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210305" + } + ] + } + }, + { + "product_name": "cMT-G01/G02", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": " 20210209" + } + ] + } + }, + { + "product_name": "cMT-G03/G04", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210222" + } + ] + } + }, + { + "product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210218" + } + ] + } + }, + { + "product_name": "cMT-HDM", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210204" + } + ] + } + }, + { + "product_name": "cMT-FHD", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210208" + } + ] + } + }, + { + "product_name": "cMT-CTRL01", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210302" + } + ] + } + } + ] + }, + "vendor_name": "Weintek" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Weintek cMT product line is vulnerable to various improper access controls, which may allow an unauthenticated attacker to remotely access and download sensitive information and perform administrative actions on behalf of a legitimate administrator." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-284: Improper Access Control" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01", + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01" + }, + { + "name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf", + "refsource": "CONFIRM", + "url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf" + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/27xxx/CVE-2021-27446.json b/2021/27xxx/CVE-2021-27446.json index 1b5d6fc9769..d2b3405e635 100644 --- a/2021/27xxx/CVE-2021-27446.json +++ b/2021/27xxx/CVE-2021-27446.json @@ -1,18 +1,170 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2021-03-23T17:00:00.000Z", "ID": "CVE-2021-27446", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Weintek EasyWeb cMT Code Injection" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "cMT-SVR-1xx/2xx", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210305" + } + ] + } + }, + { + "product_name": "cMT-G01/G02", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": " 20210209" + } + ] + } + }, + { + "product_name": "cMT-G03/G04", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210222" + } + ] + } + }, + { + "product_name": "cMT3071/cMT3072/cMT3090/cMT3103/cMT3151", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210218" + } + ] + } + }, + { + "product_name": "cMT-HDM", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210204" + } + ] + } + }, + { + "product_name": "cMT-FHD", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210208" + } + ] + } + }, + { + "product_name": "cMT-CTRL01", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20210302" + } + ] + } + } + ] + }, + "vendor_name": "Weintek" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Marcin Dudek from CERT.PL reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Weintek cMT product line is vulnerable to code injection, which may allow an unauthenticated remote attacker to execute commands with root privileges on the operation system." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94: Code Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01", + "refsource": "MISC", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-082-01" + }, + { + "name": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf", + "refsource": "CONFIRM", + "url": "https://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Weintek has released OS upgrades for the affected products. Refer to Weintek\u2019s Technical Notice regarding these vulnerabilities.\nhttps://www.weintek.com/globalw/Download/Download.aspx\nhttps://dl.weintek.com/public/Document/TEC/TEC21001E_cMT_EasyWeb_V1_Security_Issues.pdf" + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/33xxx/CVE-2021-33001.json b/2021/33xxx/CVE-2021-33001.json index 433a1c9bfae..98ec1930dfb 100644 --- a/2021/33xxx/CVE-2021-33001.json +++ b/2021/33xxx/CVE-2021-33001.json @@ -1,18 +1,103 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2021-08-17T21:49:00.000Z", "ID": "CVE-2021-33001", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "xArrow SCADA Cross-site Scripting" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "xArrow SCADA", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "7.2" + } + ] + } + } + ] + }, + "vendor_name": "xArrow" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Sharon Brizinov from Claroty, and Michael Heinzl reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter \u2018bdate\u2019 of the resource xhisvalue.htm, which may allow an unauthorized attacker to execute arbitrary code." } ] - } + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Cross-site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-229-03", + "refsource": "CONFIRM", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-229-03" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "eng", + "value": "xArrow has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products who would like to see more responsible security are invited to contact xArrow customer support." + }, + { + "lang": "eng", + "value": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n Disable web server implementation. Web server is disabled by default.\n Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures." + } + ] } \ No newline at end of file diff --git a/2021/33xxx/CVE-2021-33021.json b/2021/33xxx/CVE-2021-33021.json index feb96769ce3..ce815e9ed99 100644 --- a/2021/33xxx/CVE-2021-33021.json +++ b/2021/33xxx/CVE-2021-33021.json @@ -1,18 +1,103 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2021-08-17T21:49:00.000Z", "ID": "CVE-2021-33021", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "xArrow SCADA Cross-site Scripting" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "xArrow SCADA", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "7.2" + } + ] + } + } + ] + }, + "vendor_name": "xArrow" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Sharon Brizinov from Claroty, and Michael Heinzl reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "xArrow SCADA versions 7.2 and prior is vulnerable to cross-site scripting due to parameter \u2018edate\u2019 of the resource xhisalarm.htm, which may allow an unauthorized attacker to execute arbitrary code." } ] - } + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Cross-site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-229-03", + "refsource": "CONFIRM", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-229-03" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "eng", + "value": "xArrow has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products who would like to see more responsible security are invited to contact xArrow customer support." + }, + { + "lang": "eng", + "value": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n Disable web server implementation. Web server is disabled by default.\n Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures." + } + ] } \ No newline at end of file diff --git a/2021/33xxx/CVE-2021-33025.json b/2021/33xxx/CVE-2021-33025.json index 44e85f0cecd..31d60c8bfe3 100644 --- a/2021/33xxx/CVE-2021-33025.json +++ b/2021/33xxx/CVE-2021-33025.json @@ -1,18 +1,103 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2021-08-17T21:49:00.000Z", "ID": "CVE-2021-33025", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "xArrow SCADA Path Traversal" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "xArrow SCADA", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "7.2" + } + ] + } + } + ] + }, + "vendor_name": "xArrow" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Sharon Brizinov from Claroty, and Michael Heinzl reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "xArrow SCADA versions 7.2 and prior permits unvalidated registry keys to be run with application-level privileges." } ] - } + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "NONE", + "baseScore": 5.6, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Cross-site Scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-229-03", + "refsource": "CONFIRM", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-229-03" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "eng", + "value": "xArrow has not responded to requests to work with CISA to mitigate these vulnerabilities. Users of these affected products who would like to see more responsible security are invited to contact xArrow customer support." + }, + { + "lang": "eng", + "value": "CISA recommends users take defensive measures to minimize the risk of exploitation of these vulnerabilities. Specifically, users should:\n Disable web server implementation. Web server is disabled by default.\n Minimize network exposure for all control system devices and/or systems, and ensure that they are not accessible from the Internet.\n Locate control system networks and remote devices behind firewalls, and isolate them from the business network.\n When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most current version available. Also recognize VPN is only as secure as its connected devices.\n\nCISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures." + } + ] } \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1679.json b/2022/1xxx/CVE-2022-1679.json index f1651fb5d61..43eec8f2b32 100644 --- a/2022/1xxx/CVE-2022-1679.json +++ b/2022/1xxx/CVE-2022-1679.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-1679", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secalert@redhat.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Kernel", + "version": { + "version_data": [ + { + "version_value": "Linux kernel 5.18-rc7" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-416" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://lore.kernel.org/lkml/87ilqc7jv9.fsf@kernel.org/t/", + "url": "https://lore.kernel.org/lkml/87ilqc7jv9.fsf@kernel.org/t/" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A use-after-free flaw was found in the Linux kernel\u2019s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system." } ] } diff --git a/2022/1xxx/CVE-2022-1733.json b/2022/1xxx/CVE-2022-1733.json new file mode 100644 index 00000000000..0650d681cf5 --- /dev/null +++ b/2022/1xxx/CVE-2022-1733.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1733", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/25xxx/CVE-2022-25169.json b/2022/25xxx/CVE-2022-25169.json index 1aed347cfdd..9931ea805e5 100644 --- a/2022/25xxx/CVE-2022-25169.json +++ b/2022/25xxx/CVE-2022-25169.json @@ -42,7 +42,7 @@ "description_data": [ { "lang": "eng", - "value": "The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files.\n" + "value": "The BPG parser in versions of Apache Tika before 1.28.2 and 2.4.0 may allocate an unreasonable amount of memory on carefully crafted files." } ] }, @@ -67,12 +67,13 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk" + "refsource": "MISC", + "url": "https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk", + "name": "https://lists.apache.org/thread/t3tb51sf0k2pmbnzsrrrm23z9r1c10rk" } ] }, "source": { "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2022/25xxx/CVE-2022-25932.json b/2022/25xxx/CVE-2022-25932.json new file mode 100644 index 00000000000..47e7925e54f --- /dev/null +++ b/2022/25xxx/CVE-2022-25932.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-25932", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/29xxx/CVE-2022-29888.json b/2022/29xxx/CVE-2022-29888.json new file mode 100644 index 00000000000..cde4f972c7e --- /dev/null +++ b/2022/29xxx/CVE-2022-29888.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-29888", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/30xxx/CVE-2022-30126.json b/2022/30xxx/CVE-2022-30126.json index 1b49a777c1a..5223ad7289f 100644 --- a/2022/30xxx/CVE-2022-30126.json +++ b/2022/30xxx/CVE-2022-30126.json @@ -48,7 +48,7 @@ "description_data": [ { "lang": "eng", - "value": "In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0" + "value": "In Apache Tika, a regular expression in our StandardsText class, used by the StandardsExtractingContentHandler could lead to a denial of service caused by backtracking on a specially crafted file. This only affects users who are running the StandardsExtractingContentHandler, which is a non-standard handler. This is fixed in 1.28.2 and 2.4.0" } ] }, @@ -75,8 +75,9 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4" + "refsource": "MISC", + "url": "https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4", + "name": "https://lists.apache.org/thread/dh3syg68nxogbmlg13srd6gjn3h2z6r4" } ] }, @@ -89,4 +90,4 @@ "value": "Upgrade to 1.28.2 or 2.4.0" } ] -} +} \ No newline at end of file diff --git a/2022/30xxx/CVE-2022-30695.json b/2022/30xxx/CVE-2022-30695.json index 5ab3506a403..3009ca6e793 100644 --- a/2022/30xxx/CVE-2022-30695.json +++ b/2022/30xxx/CVE-2022-30695.json @@ -1,18 +1,74 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@acronis.com", + "DATE_PUBLIC": "2022-05-13T00:00:00.000Z", "ID": "CVE-2022-30695", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Local privilege escalation due to excessive permissions assigned to child processes" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Acronis Snap Deploy", + "version": { + "version_data": [ + { + "platform": "Windows", + "version_affected": "<", + "version_value": "3640" + } + ] + } + } + ] + }, + "vendor_name": "Acronis" + } + ] + } + }, + "credit": [], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis Snap Deploy (Windows) before build 3640" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-250" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://security-advisory.acronis.com/advisories/SEC-3080", + "name": "https://security-advisory.acronis.com/advisories/SEC-3080" + } + ] + }, + "source": { + "advisory": "SEC-3080", + "defect": [ + "SEC-3080" + ], + "discovery": "INTERNAL" } } \ No newline at end of file diff --git a/2022/30xxx/CVE-2022-30696.json b/2022/30xxx/CVE-2022-30696.json index 3e4f2ff57d8..436fcd06001 100644 --- a/2022/30xxx/CVE-2022-30696.json +++ b/2022/30xxx/CVE-2022-30696.json @@ -1,18 +1,79 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@acronis.com", + "DATE_PUBLIC": "2022-05-13T00:00:00.000Z", "ID": "CVE-2022-30696", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Local privilege escalation due to a DLL hijacking vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Acronis Snap Deploy", + "version": { + "version_data": [ + { + "platform": "Windows", + "version_affected": "<", + "version_value": "3640" + } + ] + } + } + ] + }, + "vendor_name": "Acronis" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "@mmg (https://hackerone.com/mmg)" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Local privilege escalation due to a DLL hijacking vulnerability. The following products are affected: Acronis Snap Deploy (Windows) before build 3640" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-427" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://security-advisory.acronis.com/advisories/SEC-3081", + "name": "https://security-advisory.acronis.com/advisories/SEC-3081" + } + ] + }, + "source": { + "advisory": "SEC-3081", + "defect": [ + "SEC-3081" + ], + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2022/30xxx/CVE-2022-30697.json b/2022/30xxx/CVE-2022-30697.json index 4cc5737553b..824d6c7d192 100644 --- a/2022/30xxx/CVE-2022-30697.json +++ b/2022/30xxx/CVE-2022-30697.json @@ -1,18 +1,79 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@acronis.com", + "DATE_PUBLIC": "2022-05-13T00:00:00.000Z", "ID": "CVE-2022-30697", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Local privilege escalation due to insecure folder permissions" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Acronis Snap Deploy", + "version": { + "version_data": [ + { + "platform": "Windows", + "version_affected": "<", + "version_value": "3640" + } + ] + } + } + ] + }, + "vendor_name": "Acronis" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "@mmg (https://hackerone.com/mmg)" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Snap Deploy (Windows) before build 3640" } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-427" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://security-advisory.acronis.com/advisories/SEC-3082", + "name": "https://security-advisory.acronis.com/advisories/SEC-3082" + } + ] + }, + "source": { + "advisory": "SEC-3082", + "defect": [ + "SEC-3082" + ], + "discovery": "EXTERNAL" } } \ No newline at end of file