diff --git a/2020/7xxx/CVE-2020-7561.json b/2020/7xxx/CVE-2020-7561.json index 8db2e36c21e..c0a47a9db7b 100644 --- a/2020/7xxx/CVE-2020-7561.json +++ b/2020/7xxx/CVE-2020-7561.json @@ -60,7 +60,7 @@ "description_data": [ { "lang": "eng", - "value": "A CWE-284: Improper Access Control vulnerability exists in Easergy T300 (with firmware 2.7 and older) that could cause a wide range of problems, including information exposure, denial of service, and command execution when access to a resource from an attacker is not restricted or incorrectly restricted." + "value": "A CWE-306: Missing Authentication for Critical Function vulnerability exists in Easergy T300 (with firmware 2.7 and older) that could cause a wide range of problems, including information exposure, denial of service, and command execution when access to a resource from an attacker is not restricted or incorrectly restricted." } ] } diff --git a/2020/8xxx/CVE-2020-8475.json b/2020/8xxx/CVE-2020-8475.json index 07bdfc8ad03..ce26be72ae4 100644 --- a/2020/8xxx/CVE-2020-8475.json +++ b/2020/8xxx/CVE-2020-8475.json @@ -277,6 +277,21 @@ } ] } + }, + { + "product_name": "ABB Ability\u2122 SCADAvantage", + "version": { + "version_data": [ + { + "version_affected": ">=", + "version_value": "5.1" + }, + { + "version_affected": "<=", + "version_value": "5.6.5" + } + ] + } } ] }, @@ -292,7 +307,7 @@ "description_data": [ { "lang": "eng", - "value": "For the Central Licensing Server component used in ABB products ABB Ability\u2122 System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability\u2122 System 800xA/ Advant\u00ae OCS Control Builder A 1.3 and 1.4, Advant\u00ae OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, a weakness in validation of input exists that allows an attacker to block license handling by sending specially crafted messages to the CLS web service." + "value": "For the Central Licensing Server component used in ABB products ABB Ability\u2122 System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability\u2122 System 800xA/ Advant\u00ae OCS Control Builder A 1.3 and 1.4, Advant\u00ae OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5, a weakness in validation of input exists that allows an attacker to block license handling by sending specially crafted messages to the CLS web service." } ] }, @@ -330,19 +345,19 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch", - "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch" - }, - { - "refsource": "CONFIRM", - "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch", - "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch" + "refsource": "MISC", + "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch" }, { "refsource": "MISC", - "name": "https://www.us-cert.gov/ics/advisories/icsa-20-154-04", - "url": "https://www.us-cert.gov/ics/advisories/icsa-20-154-04" + "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch" + }, + { + "refsource": "MISC", + "url": "https://search.abb.com/library/Download.aspx?DocumentID=3CCA2020-003309&LanguageCode=en&DocumentPartId=&Action=Launch", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=3CCA2020-003309&LanguageCode=en&DocumentPartId=&Action=Launch" } ] }, diff --git a/2020/8xxx/CVE-2020-8476.json b/2020/8xxx/CVE-2020-8476.json index bce69fe2928..deac84af0ed 100644 --- a/2020/8xxx/CVE-2020-8476.json +++ b/2020/8xxx/CVE-2020-8476.json @@ -277,6 +277,21 @@ } ] } + }, + { + "product_name": "ABB Ability\u2122 SCADAvantage", + "version": { + "version_data": [ + { + "version_affected": ">=", + "version_value": "5.1" + }, + { + "version_affected": "<=", + "version_value": "5.6.5" + } + ] + } } ] }, @@ -292,7 +307,7 @@ "description_data": [ { "lang": "eng", - "value": "For the Central Licensing Server component used in ABB products ABB Ability\u2122 System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability\u2122 System 800xA/ Advant\u00ae OCS Control Builder A 1.3 and 1.4, Advant\u00ae OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, a weakness in validation of input exists that allows an attacker to alter licenses assigned to the system nodes by sending specially crafted messages to the CLS web service." + "value": "For the Central Licensing Server component used in ABB products ABB Ability\u2122 System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability\u2122 System 800xA/ Advant\u00ae OCS Control Builder A 1.3 and 1.4, Advant\u00ae OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5, a weakness in validation of input exists that allows an attacker to alter licenses assigned to the system nodes by sending specially crafted messages to the CLS web service." } ] }, @@ -330,19 +345,19 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch", - "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch" - }, - { - "refsource": "CONFIRM", - "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch", - "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch" + "refsource": "MISC", + "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch" }, { "refsource": "MISC", - "name": "https://www.us-cert.gov/ics/advisories/icsa-20-154-04", - "url": "https://www.us-cert.gov/ics/advisories/icsa-20-154-04" + "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch" + }, + { + "refsource": "MISC", + "url": "https://search.abb.com/library/Download.aspx?DocumentID=3CCA2020-003309&LanguageCode=en&DocumentPartId=&Action=Launch", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=3CCA2020-003309&LanguageCode=en&DocumentPartId=&Action=Launch" } ] }, diff --git a/2020/8xxx/CVE-2020-8479.json b/2020/8xxx/CVE-2020-8479.json index 9c062993ced..39b8bf799e8 100644 --- a/2020/8xxx/CVE-2020-8479.json +++ b/2020/8xxx/CVE-2020-8479.json @@ -277,6 +277,21 @@ } ] } + }, + { + "product_name": "ABB Ability\u2122 SCADAvantage", + "version": { + "version_data": [ + { + "version_affected": ">=", + "version_value": "5.1" + }, + { + "version_affected": "<=", + "version_value": "5.6.5" + } + ] + } } ] }, @@ -292,7 +307,7 @@ "description_data": [ { "lang": "eng", - "value": "For the Central Licensing Server component used in ABB products ABB Ability\u2122 System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability\u2122 System 800xA/ Advant\u00ae OCS Control Builder A 1.3 and 1.4, Advant\u00ae OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, an XML External Entity Injection vulnerability exists that allows an attacker to read or call arbitrary files from the license server and/or from the network and also block the license handling." + "value": "For the Central Licensing Server component used in ABB products ABB Ability\u2122 System 800xA and related system extensions versions 5.1, 6.0 and 6.1, Compact HMI versions 5.1 and 6.0, Control Builder Safe 1.0, 1.1 and 2.0, Symphony Plus -S+ Operations 3.0 to 3.2 Symphony Plus -S+ Engineering 1.1 to 2.2, Composer Harmony 5.1, 6.0 and 6.1, Melody Composer 5.3, 6.1/6.2 and SPE for Melody 1.0SPx (Composer 6.3), Harmony OPC Server (HAOPC) Standalone 6.0, 6.1 and 7.0, ABB Ability\u2122 System 800xA/ Advant\u00ae OCS Control Builder A 1.3 and 1.4, Advant\u00ae OCS AC100 OPC Server 5.1, 6.0 and 6.1, Composer CTK 6.1 and 6.2, AdvaBuild 3.7 SP1 and SP2, OPCServer for MOD 300 (non-800xA) 1.4, OPC Data Link 2.1 and 2.2, Knowledge Manager 8.0, 9.0 and 9.1, Manufacturing Operations Management 1812 and 1909, ABB AbilityTM SCADAvantage versions 5.1 to 5.6.5. an XML External Entity Injection vulnerability exists that allows an attacker to read or call arbitrary files from the license server and/or from the network and also block the license handling." } ] }, @@ -330,19 +345,19 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch", - "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch" - }, - { - "refsource": "CONFIRM", - "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch", - "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch" + "refsource": "MISC", + "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121231&LanguageCode=en&DocumentPartId=&Action=Launch" }, { "refsource": "MISC", - "name": "https://www.us-cert.gov/ics/advisories/icsa-20-154-04", - "url": "https://www.us-cert.gov/ics/advisories/icsa-20-154-04" + "url": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=2PAA121230&LanguageCode=en&DocumentPartId=&Action=Launch" + }, + { + "refsource": "MISC", + "url": "https://search.abb.com/library/Download.aspx?DocumentID=3CCA2020-003309&LanguageCode=en&DocumentPartId=&Action=Launch", + "name": "https://search.abb.com/library/Download.aspx?DocumentID=3CCA2020-003309&LanguageCode=en&DocumentPartId=&Action=Launch" } ] }, diff --git a/2021/36xxx/CVE-2021-36206.json b/2021/36xxx/CVE-2021-36206.json index 81c01c4cdff..2d9f5e2f6d4 100644 --- a/2021/36xxx/CVE-2021-36206.json +++ b/2021/36xxx/CVE-2021-36206.json @@ -1,18 +1,105 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "productsecurity@jci.com", + "DATE_PUBLIC": "2022-10-25T21:14:00.000Z", "ID": "CVE-2021-36206", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "CEVAS" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "CEVAS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "all versions prior to 1.01.46", + "version_value": "1.01.46" + } + ] + } + } + ] + }, + "vendor_name": "Johnson Controls" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Christian Vierschilling and Caroline Moesler reported this vulnerability to Johnson Controls, Inc." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "All versions of CEVAS prior to 1.01.46 do not sufficiently validate user-controllable input and could allow a user to bypass authentication and retrieve data with specially crafted SQL queries." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories", + "refsource": "CONFIRM", + "url": "https://www.johnsoncontrols.com/cyber-solutions/security-advisories" + }, + { + "name": "ICS-CERT Advisory", + "refsource": "CERT", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-298-05" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Upgrade CEVAS to version 1.01.46. Contact CKS for the upgrade." + } + ], + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38395.json b/2021/38xxx/CVE-2021-38395.json index c95a18cfeaf..921fac425cc 100644 --- a/2021/38xxx/CVE-2021-38395.json +++ b/2021/38xxx/CVE-2021-38395.json @@ -1,18 +1,116 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2021-10-05T19:14:00.000Z", "ID": "CVE-2021-38395", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Honeywell Experion PKS and ACE Controllers Injection" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Experion PKS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "C200" + }, + { + "version_affected": "=", + "version_value": "C200E" + }, + { + "version_affected": "=", + "version_value": "C300" + }, + { + "version_affected": "=", + "version_value": "ACE controllers" + } + ] + } + } + ] + }, + "vendor_name": "Honeywell" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Rei Henigman and Nadav Erez of Claroty reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to improper neutralization of special elements in output, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition." } ] - } + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "NONE", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74: Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-278-04", + "refsource": "CONFIRM", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-278-04" + }, + { + "name": "https://www.honeywellprocess.com/library/support/notifications/Customer/SN2021-02-22-01-Experion-C300-CCL.pdf", + "refsource": "CONFIRM", + "url": "https://www.honeywellprocess.com/library/support/notifications/Customer/SN2021-02-22-01-Experion-C300-CCL.pdf" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "eng", + "value": "Honeywell recommends users follow all guidance in the Experion Network and Security Planning Guide to prevent attacks by malicious actors.\n\nAdditional information can be found in Honeywell Support document SN2021-02-22-01." + } + ] } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38397.json b/2021/38xxx/CVE-2021-38397.json index d39c724d7e9..db067556b7a 100644 --- a/2021/38xxx/CVE-2021-38397.json +++ b/2021/38xxx/CVE-2021-38397.json @@ -1,18 +1,116 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2021-10-05T19:14:00.000Z", "ID": "CVE-2021-38397", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Honeywell Experion PKS and ACE Controllers Unrestricted Upload of File with Dangerous Type" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Experion PKS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "C200" + }, + { + "version_affected": "=", + "version_value": "C200E" + }, + { + "version_affected": "=", + "version_value": "C300" + }, + { + "version_affected": "=", + "version_value": "ACE controllers" + } + ] + } + } + ] + }, + "vendor_name": "Honeywell" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Rei Henigman and Nadav Erez of Claroty reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute arbitrary code and cause a denial-of-service condition." } ] - } + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-434: Unrestricted Upload of File with Dangerous Type" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-278-04", + "refsource": "CONFIRM", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-278-04" + }, + { + "name": "https://www.honeywellprocess.com/library/support/notifications/Customer/SN2021-02-22-01-Experion-C300-CCL.pdf", + "refsource": "CONFIRM", + "url": "https://www.honeywellprocess.com/library/support/notifications/Customer/SN2021-02-22-01-Experion-C300-CCL.pdf" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "eng", + "value": "Honeywell recommends users follow all guidance in the Experion Network and Security Planning Guide to prevent attacks by malicious actors.\n\nAdditional information can be found in Honeywell Support document SN2021-02-22-01." + } + ] } \ No newline at end of file diff --git a/2021/38xxx/CVE-2021-38399.json b/2021/38xxx/CVE-2021-38399.json index e23222237d0..7602f990547 100644 --- a/2021/38xxx/CVE-2021-38399.json +++ b/2021/38xxx/CVE-2021-38399.json @@ -1,18 +1,116 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "ics-cert@hq.dhs.gov", + "DATE_PUBLIC": "2021-10-05T19:14:00.000Z", "ID": "CVE-2021-38399", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Honeywell Experion PKS and ACE Controllers Relative Path Traversal" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Experion PKS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "C200" + }, + { + "version_affected": "=", + "version_value": "C200E" + }, + { + "version_affected": "=", + "version_value": "C300" + }, + { + "version_affected": "=", + "version_value": "ACE controllers" + } + ] + } + } + ] + }, + "vendor_name": "Honeywell" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Rei Henigman and Nadav Erez of Claroty reported these vulnerabilities to CISA." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Honeywell Experion PKS C200, C200E, C300, and ACE controllers are vulnerable to relative path traversal, which may allow an attacker access to unauthorized files and directories." } ] - } + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-23: Relative Path Traversal" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-278-04", + "refsource": "CONFIRM", + "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-278-04" + }, + { + "name": "https://www.honeywellprocess.com/library/support/notifications/Customer/SN2021-02-22-01-Experion-C300-CCL.pdf", + "refsource": "CONFIRM", + "url": "https://www.honeywellprocess.com/library/support/notifications/Customer/SN2021-02-22-01-Experion-C300-CCL.pdf" + } + ] + }, + "source": { + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "eng", + "value": "Honeywell recommends users follow all guidance in the Experion Network and Security Planning Guide to prevent attacks by malicious actors.\n\nAdditional information can be found in Honeywell Support document SN2021-02-22-01." + } + ] } \ No newline at end of file diff --git a/2022/31xxx/CVE-2022-31678.json b/2022/31xxx/CVE-2022-31678.json index 97a1f4c9e05..d9f0cd516f3 100644 --- a/2022/31xxx/CVE-2022-31678.json +++ b/2022/31xxx/CVE-2022-31678.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-31678", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@vmware.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "VMware Cloud Foundation (NSX-V)", + "version": { + "version_data": [ + { + "version_value": "3.11" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "VMware Cloud Foundation contains an XML External Entity (XXE)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.vmware.com/security/advisories/VMSA-2022-0027.html", + "url": "https://www.vmware.com/security/advisories/VMSA-2022-0027.html" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure." } ] } diff --git a/2022/33xxx/CVE-2022-33859.json b/2022/33xxx/CVE-2022-33859.json index 9d4f0464f84..3701f57cc25 100644 --- a/2022/33xxx/CVE-2022-33859.json +++ b/2022/33xxx/CVE-2022-33859.json @@ -1,17 +1,98 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-33859", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "CybersecurityCOE@eaton.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A security vulnerability was discovered in the Eaton Foreseer EPMS software. Foreseer EPMS connects an operation\u2019s vast array of devices to assist in the reduction of energy consumption and avoid unplanned downtime caused by the failures of critical systems. A threat actor may upload arbitrary files using the file upload feature. This vulnerability is present in versions 4.x, 5.x, 6.x & 7.0 to 7.5. A new version (v7.6) containing the remediation has been made available by Eaton and a mitigation has been provided for the affected versions that are currently supported. Customers are advised to update the software to the latest version (v7.6). Foreseer EPMS versions 4.x, 5.x, 6.x are no longer supported by Eaton. Please refer to the End-of-Support notification https://www.eaton.com/in/en-us/catalog/services/foreseer/foreseer-legacy.html ." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-434 Unrestricted Upload of File", + "cweId": "CWE-434" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "Eaton", + "product": { + "product_data": [ + { + "product_name": "Foreseer EPMS", + "version": { + "version_data": [ + { + "version_value": "7.0", + "version_affected": "=" + }, + { + "version_value": "4.0", + "version_affected": "=" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.eaton.com/us/en-us/company/news-insights/cybersecurity/security-notifications.html", + "refsource": "MISC", + "name": "https://www.eaton.com/us/en-us/company/news-insights/cybersecurity/security-notifications.html" + } + ] + }, + "generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "source": { + "advisory": "ETN", + "discovery": "EXTERNAL" + }, + "credits": [ + { + "lang": "en", + "value": "Michael" + } + ], + "impact": { + "cvss": [ + { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:H/A:H", + "version": "3.1" } ] } diff --git a/2022/37xxx/CVE-2022-37913.json b/2022/37xxx/CVE-2022-37913.json index ef8daf562b5..dce376ebf12 100644 --- a/2022/37xxx/CVE-2022-37913.json +++ b/2022/37xxx/CVE-2022-37913.json @@ -4,14 +4,67 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-37913", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aruba EdgeConnect Enterprise Orchestrator (on-premises), Aruba EdgeConnect Enterprise Orchestrator-as-a-Service, Aruba EdgeConnect Enterprise Orchestrator-SP and Aruba EdgeConnect Enterprise Orchestrator Global Enterprise Tenant Orchestrators", + "version": { + "version_data": [ + { + "version_value": "Orchestrator 9.1.2.40051 and below" + }, + { + "version_value": "Orchestrator 9.0.7.40108 and below" + }, + { + "version_value": "Orchestrator 8.10.23.40009 and below" + }, + { + "version_value": "Any older branches of Orchestrator not specifically mentioned" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Authentication Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-015.txt", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-015.txt" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Successful exploitation of these vulnerabilities could allow an attacker to gain administrative privileges leading to a complete compromise of the Aruba EdgeConnect Enterprise Orchestrator with versions 9.1.2.40051 and below, 9.0.7.40108 and below, 8.10.23.40009 and below, and any older branches of Orchestrator not specifically mentioned." } ] } diff --git a/2022/37xxx/CVE-2022-37914.json b/2022/37xxx/CVE-2022-37914.json index 0f619c6f3fa..5249f0261aa 100644 --- a/2022/37xxx/CVE-2022-37914.json +++ b/2022/37xxx/CVE-2022-37914.json @@ -4,14 +4,67 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-37914", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aruba EdgeConnect Enterprise Orchestrator (on-premises), Aruba EdgeConnect Enterprise Orchestrator-as-a-Service, Aruba EdgeConnect Enterprise Orchestrator-SP and Aruba EdgeConnect Enterprise Orchestrator Global Enterprise Tenant Orchestrators", + "version": { + "version_data": [ + { + "version_value": "Orchestrator 9.1.2.40051 and below" + }, + { + "version_value": "Orchestrator 9.0.7.40108 and below" + }, + { + "version_value": "Orchestrator 8.10.23.40009 and below" + }, + { + "version_value": "Any older branches of Orchestrator not specifically mentioned" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Authentication Bypass" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-015.txt", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-015.txt" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Vulnerabilities in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to bypass authentication. Successful exploitation of these vulnerabilities could allow an attacker to gain administrative privileges leading to a complete compromise of the Aruba EdgeConnect Enterprise Orchestrator with versions 9.1.2.40051 and below, 9.0.7.40108 and below, 8.10.23.40009 and below, and any older branches of Orchestrator not specifically mentioned." } ] } diff --git a/2022/37xxx/CVE-2022-37915.json b/2022/37xxx/CVE-2022-37915.json index c15e95cc7a6..11260cce382 100644 --- a/2022/37xxx/CVE-2022-37915.json +++ b/2022/37xxx/CVE-2022-37915.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2022-37915", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security-alert@hpe.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Aruba EdgeConnect Enterprise Orchestrator (on-premises)", + "version": { + "version_data": [ + { + "version_value": "9.1.x branch only, Any 9.1.x Orchestrator instantiated as a new machine with a release prior to 9.1.3.40197, Orchestrators upgraded to 9.1.x were not affected." + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Remote Arbitrary Code Execution" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-015.txt", + "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2022-015.txt" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an unauthenticated remote attacker to run arbitrary commands on the underlying host. Successful exploitation of this vulnerability could allow an attacker to execute arbitrary commands on the underlying operating system leading to a complete system compromise of Aruba EdgeConnect Enterprise Orchestration with versions 9.1.x branch only, Any 9.1.x Orchestrator instantiated as a new machine with a release prior to 9.1.3.40197, Orchestrators upgraded to 9.1.x were not affected." } ] }