mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
Auto-merge PR#5442
Auto-merge PR#5442
This commit is contained in:
CVE Team
GitHub
commit
578490eb7a
@ -1,18 +1,90 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-39040",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
"CVE_data_meta" : {
|
||||
"STATE" : "PUBLIC",
|
||||
"ASSIGNER" : "psirt@us.ibm.com",
|
||||
"DATE_PUBLIC" : "2022-04-22T00:00:00",
|
||||
"ID" : "CVE-2021-39040"
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"name" : "https://www.ibm.com/support/pages/node/6574003",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6574003",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 6574003 (Planning Analytics Workspace)"
|
||||
},
|
||||
{
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"refsource" : "XF",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214025",
|
||||
"name" : "ibm-planning-cve202139040-file-upload (214025)"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "IBM Planning Analytics Workspace 2.0 could be vulnerable to malicious file upload by not validating the file types or sizes. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 214025."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Gain Access"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"I" : "H",
|
||||
"UI" : "R",
|
||||
"A" : "N",
|
||||
"C" : "L",
|
||||
"SCORE" : "6.300",
|
||||
"AV" : "N",
|
||||
"AC" : "L",
|
||||
"PR" : "L",
|
||||
"S" : "U"
|
||||
},
|
||||
"TM" : {
|
||||
"RC" : "C",
|
||||
"RL" : "O",
|
||||
"E" : "U"
|
||||
}
|
||||
}
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "2.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Planning Analytics Workspace"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_version" : "4.0"
|
||||
}
|
||||
|
||||
@ -1,18 +1,90 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-22392",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
"affects" : {
|
||||
"vendor" : {
|
||||
"vendor_data" : [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"product" : {
|
||||
"product_data" : [
|
||||
{
|
||||
"version" : {
|
||||
"version_data" : [
|
||||
{
|
||||
"version_value" : "2.0"
|
||||
}
|
||||
]
|
||||
},
|
||||
"product_name" : "Planning Analytics Workspace"
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name" : "IBM"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_version" : "4.0",
|
||||
"CVE_data_meta" : {
|
||||
"ID" : "CVE-2022-22392",
|
||||
"DATE_PUBLIC" : "2022-04-22T00:00:00",
|
||||
"STATE" : "PUBLIC",
|
||||
"ASSIGNER" : "psirt@us.ibm.com"
|
||||
},
|
||||
"problemtype" : {
|
||||
"problemtype_data" : [
|
||||
{
|
||||
"description" : [
|
||||
{
|
||||
"lang" : "eng",
|
||||
"value" : "Gain Access"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_format" : "MITRE",
|
||||
"description" : {
|
||||
"description_data" : [
|
||||
{
|
||||
"value" : "IBM Planning Analytics Local 2.0 could allow an attacker to upload arbitrary executable files which, when executed by an unsuspecting victim could result in code execution. IBM X-Force ID: 222066.",
|
||||
"lang" : "eng"
|
||||
}
|
||||
]
|
||||
},
|
||||
"references" : {
|
||||
"reference_data" : [
|
||||
{
|
||||
"name" : "https://www.ibm.com/support/pages/node/6574003",
|
||||
"url" : "https://www.ibm.com/support/pages/node/6574003",
|
||||
"refsource" : "CONFIRM",
|
||||
"title" : "IBM Security Bulletin 6574003 (Planning Analytics Workspace)"
|
||||
},
|
||||
{
|
||||
"refsource" : "XF",
|
||||
"title" : "X-Force Vulnerability Report",
|
||||
"name" : "ibm-planning-cve202222392-code-exec (222066)",
|
||||
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/222066"
|
||||
}
|
||||
]
|
||||
},
|
||||
"data_type" : "CVE",
|
||||
"impact" : {
|
||||
"cvssv3" : {
|
||||
"BM" : {
|
||||
"SCORE" : "6.800",
|
||||
"AV" : "N",
|
||||
"PR" : "H",
|
||||
"AC" : "L",
|
||||
"S" : "U",
|
||||
"I" : "H",
|
||||
"UI" : "R",
|
||||
"C" : "H",
|
||||
"A" : "H"
|
||||
},
|
||||
"TM" : {
|
||||
"E" : "U",
|
||||
"RL" : "O",
|
||||
"RC" : "C"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user