mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
0571c20eb6
commit
56019a712d
@ -90,10 +90,15 @@
|
||||
"name": "https://www.iot-inspector.com/blog/advisory-fibaro-home-center/",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.iot-inspector.com/blog/advisory-fibaro-home-center/"
|
||||
},
|
||||
{
|
||||
"refsource": "FULLDISC",
|
||||
"name": "20210419 [CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992] Multiple vulnerabilities in Fibaro Home Center",
|
||||
"url": "http://seclists.org/fulldisclosure/2021/Apr/27"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -90,6 +90,11 @@
|
||||
"name": "https://www.iot-inspector.com/blog/advisory-fibaro-home-center/",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.iot-inspector.com/blog/advisory-fibaro-home-center/"
|
||||
},
|
||||
{
|
||||
"refsource": "FULLDISC",
|
||||
"name": "20210419 [CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992] Multiple vulnerabilities in Fibaro Home Center",
|
||||
"url": "http://seclists.org/fulldisclosure/2021/Apr/27"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -90,6 +90,11 @@
|
||||
"name": "https://www.iot-inspector.com/blog/advisory-fibaro-home-center/",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.iot-inspector.com/blog/advisory-fibaro-home-center/"
|
||||
},
|
||||
{
|
||||
"refsource": "FULLDISC",
|
||||
"name": "20210419 [CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992] Multiple vulnerabilities in Fibaro Home Center",
|
||||
"url": "http://seclists.org/fulldisclosure/2021/Apr/27"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -90,6 +90,11 @@
|
||||
"name": "https://www.iot-inspector.com/blog/advisory-fibaro-home-center/",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://www.iot-inspector.com/blog/advisory-fibaro-home-center/"
|
||||
},
|
||||
{
|
||||
"refsource": "FULLDISC",
|
||||
"name": "20210419 [CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992] Multiple vulnerabilities in Fibaro Home Center",
|
||||
"url": "http://seclists.org/fulldisclosure/2021/Apr/27"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -54,7 +54,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file.\n\nThis issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted."
|
||||
"value": "An unsafe deserialization vulnerability in Bridgecrew Checkov by Prisma Cloud allows arbitrary code execution when processing a malicious terraform file. This issue impacts Checkov 2.0 versions earlier than Checkov 2.0.26. Checkov 1.0 versions are not impacted."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -98,8 +98,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://security.paloaltonetworks.com/CVE-2021-3035"
|
||||
"refsource": "MISC",
|
||||
"url": "https://security.paloaltonetworks.com/CVE-2021-3035",
|
||||
"name": "https://security.paloaltonetworks.com/CVE-2021-3035"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -85,7 +85,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly.\n\nThis vulnerability applies only to PAN-OS appliances that are configured to use the PAN-OS XML API and exists only when a client includes a duplicate API parameter in API requests.\n\nLogged information includes the cleartext username, password, and API key of the administrator making the PAN-OS XML API request.\n"
|
||||
"value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where secrets in PAN-OS XML API requests are logged in cleartext to the web server logs when the API is used incorrectly. This vulnerability applies only to PAN-OS appliances that are configured to use the PAN-OS XML API and exists only when a client includes a duplicate API parameter in API requests. Logged information includes the cleartext username, password, and API key of the administrator making the PAN-OS XML API request."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -129,8 +129,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://security.paloaltonetworks.com/CVE-2021-3036"
|
||||
"refsource": "MISC",
|
||||
"url": "https://security.paloaltonetworks.com/CVE-2021-3036",
|
||||
"name": "https://security.paloaltonetworks.com/CVE-2021-3036"
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -156,7 +157,7 @@
|
||||
"work_around": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "You must change the passwords and generate a new API key for all impacted PAN-OS administrators. Confirm that there aren’t any PAN-OS XML API requests that repeat API parameters in the request."
|
||||
"value": "You must change the passwords and generate a new API key for all impacted PAN-OS administrators. Confirm that there aren\u2019t any PAN-OS XML API requests that repeat API parameters in the request."
|
||||
}
|
||||
],
|
||||
"x_advisoryEoL": false,
|
||||
|
||||
@ -80,7 +80,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs.\n\nLogged information includes the cleartext username, password, and IP address used to export the PAN-OS configuration to the destination server.\n"
|
||||
"value": "An information exposure through log file vulnerability exists in Palo Alto Networks PAN-OS software where the connection details for a scheduled configuration export are logged in system logs. Logged information includes the cleartext username, password, and IP address used to export the PAN-OS configuration to the destination server."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -124,8 +124,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://security.paloaltonetworks.com/CVE-2021-3037"
|
||||
"refsource": "MISC",
|
||||
"url": "https://security.paloaltonetworks.com/CVE-2021-3037",
|
||||
"name": "https://security.paloaltonetworks.com/CVE-2021-3037"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -63,7 +63,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error.\nThis issue impacts:\nGlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8;\nGlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4."
|
||||
"value": "A denial-of-service (DoS) vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death (BSOD) error. This issue impacts: GlobalProtect app 5.1 versions earlier than GlobalProtect app 5.1.8; GlobalProtect app 5.2 versions earlier than GlobalProtect app 5.2.4."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -115,8 +115,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://security.paloaltonetworks.com/CVE-2021-3038"
|
||||
"refsource": "MISC",
|
||||
"url": "https://security.paloaltonetworks.com/CVE-2021-3038",
|
||||
"name": "https://security.paloaltonetworks.com/CVE-2021-3038"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user