From 4e8ae05ef2d27cda883112e120c53fda2e413ad0 Mon Sep 17 00:00:00 2001
From: CVE Team <cve-request@mitre.org>
Date: Thu, 23 Dec 2021 22:01:00 +0000
Subject: [PATCH] "-Synchronized-Data."

---
 2020/35xxx/CVE-2020-35398.json | 61 ++++++++++++++++++++++++++++++----
 2021/41xxx/CVE-2021-41451.json |  2 +-
 2021/41xxx/CVE-2021-41611.json |  5 +++
 2021/44xxx/CVE-2021-44273.json |  5 +++
 4 files changed, 66 insertions(+), 7 deletions(-)

diff --git a/2020/35xxx/CVE-2020-35398.json b/2020/35xxx/CVE-2020-35398.json
index 7d2a16b5278..c88a10bce84 100644
--- a/2020/35xxx/CVE-2020-35398.json
+++ b/2020/35xxx/CVE-2020-35398.json
@@ -1,17 +1,66 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
-        "ID": "CVE-2020-35398",
         "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-35398",
+        "STATE": "PUBLIC"
     },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An issue was discovered in UTI Mutual fund Android application 5.4.18 and prior, allows attackers to brute force enumeration of usernames determined by the error message returned after invalid credentials are attempted."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://play.google.com/store/apps/details?id=com.utimutualfunds.utimutualfund&hl=en_IN&gl=US",
+                "refsource": "MISC",
+                "name": "https://play.google.com/store/apps/details?id=com.utimutualfunds.utimutualfund&hl=en_IN&gl=US"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://cvewalkthrough.com/cve-2020-35398-uti-mutual-fund-android-application-username-enumeration/",
+                "url": "https://cvewalkthrough.com/cve-2020-35398-uti-mutual-fund-android-application-username-enumeration/"
             }
         ]
     }
diff --git a/2021/41xxx/CVE-2021-41451.json b/2021/41xxx/CVE-2021-41451.json
index 1b659e0b9d1..c1d12c9cc30 100644
--- a/2021/41xxx/CVE-2021-41451.json
+++ b/2021/41xxx/CVE-2021-41451.json
@@ -34,7 +34,7 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "An HTTP/1.1 misconfiguration in web interface of TP-Link AX10v1 before V1_211117 could allow an attacker to send a specially crafted HTTP/0.9 packet that could cause a cache poisoning attack."
+                "value": "A misconfiguration in HTTP/1.0 and HTTP/1.1 of the web interface in TP-Link AX10v1 before V1_211117 allows a remote unauthenticated attacker to send a specially crafted HTTP request and receive a misconfigured HTTP/0.9 response, potentially leading into a cache poisoning attack."
             }
         ]
     },
diff --git a/2021/41xxx/CVE-2021-41611.json b/2021/41xxx/CVE-2021-41611.json
index 644254bf492..e2811374d6a 100644
--- a/2021/41xxx/CVE-2021-41611.json
+++ b/2021/41xxx/CVE-2021-41611.json
@@ -66,6 +66,11 @@
                 "refsource": "FEDORA",
                 "name": "FEDORA-2021-15d2f70a07",
                 "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWQ2WKDWTSO47S3F6XJJ6HGG2ULWEAE4/"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20211223 CVE-2021-44273: e2guardian did not validate TLS hostnames",
+                "url": "http://www.openwall.com/lists/oss-security/2021/12/23/2"
             }
         ]
     }
diff --git a/2021/44xxx/CVE-2021-44273.json b/2021/44xxx/CVE-2021-44273.json
index d68aec66dba..8382bd4d6e2 100644
--- a/2021/44xxx/CVE-2021-44273.json
+++ b/2021/44xxx/CVE-2021-44273.json
@@ -61,6 +61,11 @@
                 "url": "https://github.com/e2guardian/e2guardian/commit/eae46a7e2a57103aadca903c4a24cca94dc502a2",
                 "refsource": "MISC",
                 "name": "https://github.com/e2guardian/e2guardian/commit/eae46a7e2a57103aadca903c4a24cca94dc502a2"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20211223 CVE-2021-44273: e2guardian did not validate TLS hostnames",
+                "url": "http://www.openwall.com/lists/oss-security/2021/12/23/2"
             }
         ]
     }