diff --git a/2022/34xxx/CVE-2022-34711.json b/2022/34xxx/CVE-2022-34711.json index 84aa57f9bf4..4ef1dd6e9d8 100644 --- a/2022/34xxx/CVE-2022-34711.json +++ b/2022/34xxx/CVE-2022-34711.json @@ -1,259 +1,261 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2022-34711", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "10 Version 1809 for 32-bit Systems" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2022-34711", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2016" + } + ] + } + }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - } - ] + "vendor_name": "Microsoft" } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2019" - }, - { - "version_value": "2016" - } - ] - } - }, - { - "product_name": "Windows Server 2019 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H1 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H1 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server 2022", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server 2022 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 20H2 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 20H2 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server, version 20H2 (Server Core Installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 11 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 11 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H2 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H2 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H2 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server 2016 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } ] - }, - "vendor_name": "Microsoft" } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Windows Defender Credential Guard Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34705, CVE-2022-35771." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Elevation of Privilege" - } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Defender Credential Guard Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34705, CVE-2022-35771." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34711" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", - "baseScore": "7.8", - "temporalScore": "6.8", - "version": "3.1" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Elevation of Privilege" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34711", + "refsource": "MISC", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-34711" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", + "baseScore": "7.8", + "temporalScore": "6.8", + "version": "3.1" + } } - } -} +} \ No newline at end of file diff --git a/2022/35xxx/CVE-2022-35822.json b/2022/35xxx/CVE-2022-35822.json index d023865db5a..9fecf1fc36f 100644 --- a/2022/35xxx/CVE-2022-35822.json +++ b/2022/35xxx/CVE-2022-35822.json @@ -1,259 +1,261 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ASSIGNER": "secure@microsoft.com", - "ID": "CVE-2022-35822", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Windows", - "version": { - "version_data": [ - { - "version_value": "10 Version 1809 for 32-bit Systems" + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ASSIGNER": "secure@microsoft.com", + "ID": "CVE-2022-35822", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Windows", + "version": { + "version_data": [ + { + "version_value": "10 Version 1809 for 32-bit Systems" + }, + { + "version_value": "10 Version 1809 for x64-based Systems" + }, + { + "version_value": "10 Version 1809 for ARM64-based Systems" + }, + { + "version_value": "10 for 32-bit Systems" + }, + { + "version_value": "10 for x64-based Systems" + }, + { + "version_value": "10 Version 1607 for 32-bit Systems" + }, + { + "version_value": "10 Version 1607 for x64-based Systems" + } + ] + } + }, + { + "product_name": "Windows Server", + "version": { + "version_data": [ + { + "version_value": "2019" + }, + { + "version_value": "2016" + } + ] + } + }, + { + "product_name": "Windows Server 2019 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H1 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2022 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server, version 20H2 (Server Core Installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 11 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2 for 32-bit Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2 for ARM64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows 10 Version 21H2 for x64-based Systems", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + }, + { + "product_name": "Windows Server 2016 (Server Core installation)", + "version": { + "version_data": [ + { + "version_value": "" + } + ] + } + } + ] }, - { - "version_value": "10 Version 1809 for x64-based Systems" - }, - { - "version_value": "10 Version 1809 for ARM64-based Systems" - }, - { - "version_value": "10 for 32-bit Systems" - }, - { - "version_value": "10 for x64-based Systems" - }, - { - "version_value": "10 Version 1607 for 32-bit Systems" - }, - { - "version_value": "10 Version 1607 for x64-based Systems" - } - ] + "vendor_name": "Microsoft" } - }, - { - "product_name": "Windows Server", - "version": { - "version_data": [ - { - "version_value": "2019" - }, - { - "version_value": "2016" - } - ] - } - }, - { - "product_name": "Windows Server 2019 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H1 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H1 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H1 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server 2022", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server 2022 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 20H2 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 20H2 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 20H2 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server, version 20H2 (Server Core Installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 11 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 11 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H2 for 32-bit Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H2 for ARM64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows 10 Version 21H2 for x64-based Systems", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - }, - { - "product_name": "Windows Server 2016 (Server Core installation)", - "version": { - "version_data": [ - { - "version_value": "" - } - ] - } - } ] - }, - "vendor_name": "Microsoft" } - ] - } - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Windows Defender Credential Guard Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-34709." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "Security Feature Bypass" - } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Windows Defender Credential Guard Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-34709." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35822" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", - "baseScore": "7.1", - "temporalScore": "6.2", - "version": "3.1" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Security Feature Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35822", + "refsource": "MISC", + "name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-35822" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C", + "baseScore": "7.1", + "temporalScore": "6.2", + "version": "3.1" + } } - } -} +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38186.json b/2022/38xxx/CVE-2022-38186.json index a68f95d805e..33cfbbf2deb 100644 --- a/2022/38xxx/CVE-2022-38186.json +++ b/2022/38xxx/CVE-2022-38186.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "PSIRT@esri.com", + "ASSIGNER": "psirt@esri.com", "DATE_PUBLIC": "2022-06-28T17:04:00.000Z", "ID": "CVE-2022-38186", "STATE": "PUBLIC" @@ -38,7 +38,7 @@ "description_data": [ { "lang": "eng", - "value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below which may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’s browser." + "value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.8.1 and below which may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim\u2019s browser." } ] }, @@ -88,4 +88,4 @@ ], "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38188.json b/2022/38xxx/CVE-2022-38188.json index 89e5416c433..821db4c4d87 100644 --- a/2022/38xxx/CVE-2022-38188.json +++ b/2022/38xxx/CVE-2022-38188.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "PSIRT@esri.com", + "ASSIGNER": "psirt@esri.com", "DATE_PUBLIC": "2022-06-28T17:19:00.000Z", "ID": "CVE-2022-38188", "STATE": "PUBLIC" @@ -38,7 +38,7 @@ "description_data": [ { "lang": "eng", - "value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1 which may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim’s browser." + "value": "There is a reflected XSS vulnerability in Esri Portal for ArcGIS versions 10.9.1 which may allow a remote attacker able to convince a user to click on a crafted link which could potentially execute arbitrary JavaScript code in the victim\u2019s browser." } ] }, @@ -88,4 +88,4 @@ ], "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38190.json b/2022/38xxx/CVE-2022-38190.json index c60372f65c3..4d6d7484480 100644 --- a/2022/38xxx/CVE-2022-38190.json +++ b/2022/38xxx/CVE-2022-38190.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "PSIRT@esri.com", + "ASSIGNER": "psirt@esri.com", "DATE_PUBLIC": "2022-06-28T17:26:00.000Z", "ID": "CVE-2022-38190", "STATE": "PUBLIC", @@ -45,7 +45,7 @@ "description_data": [ { "lang": "eng", - "value": "A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user’s browser" + "value": "A stored Cross Site Scripting (XSS) vulnerability in Esri Portal for ArcGIS configurable apps may allow a remote, unauthenticated attacker to pass and store malicious strings via crafted queries which when accessed could potentially execute arbitrary JavaScript code in the user\u2019s browser" } ] }, @@ -102,4 +102,4 @@ ], "discovery": "UNKNOWN" } -} +} \ No newline at end of file diff --git a/2022/38xxx/CVE-2022-38368.json b/2022/38xxx/CVE-2022-38368.json new file mode 100644 index 00000000000..d8b4dbb6d51 --- /dev/null +++ b/2022/38xxx/CVE-2022-38368.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2022-38368", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "An issue was discovered in Aviatrix Gateway before 6.6.5712 and 6.7.x before 6.7.1376. Because Gateway API functions mishandle authentication, an authenticated VPN user can inject arbitrary commands." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.aviatrix.com/HowTos/PSIRT_Advisories.html#aviatrix-controller-and-gateways-unauthorized-access", + "refsource": "MISC", + "name": "https://docs.aviatrix.com/HowTos/PSIRT_Advisories.html#aviatrix-controller-and-gateways-unauthorized-access" + } + ] + } +} \ No newline at end of file