admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-12-13 19:01:17 +00:00
parent 430e15c5f0
commit 71f71a403b
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
11 changed files with 719 additions and 634 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

178
2020/4xxx/CVE-2020-4496.json
View File

@ -1,93 +1,93 @@
{
"description" : {
"description_data" : [
{
"value" : "The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation. IBM X-Force ID: 182046.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"ID" : "CVE-2020-4496",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "10.1.0.0"
},
{
"version_value" : "10.1.8.0"
}
]
},
"product_name" : "Spectrum Protect Plus"
}
]
}
"value": "The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation. IBM X-Force ID: 182046.",
"lang": "eng"
}
]
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6525346",
"url" : "https://www.ibm.com/support/pages/node/6525346",
"title" : "IBM Security Bulletin 6525346 (Spectrum Protect Plus)"
},
{
"refsource" : "XF",
"name" : "ibm-spectrum-cve20204496-info-disc (182046)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/182046",
"title" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"C" : "H",
"I" : "N",
"UI" : "N",
"AV" : "N",
"AC" : "H",
"S" : "C",
"PR" : "N",
"A" : "N",
"SCORE" : "6.800"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-12-10T00:00:00",
"ID": "CVE-2020-4496",
"ASSIGNER": "psirt@us.ibm.com"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "10.1.0.0"
},
{
"version_value": "10.1.8.0"
}
]
},
"product_name": "Spectrum Protect Plus"
}
]
}
}
]
}
]
}
}
}
},
"data_type": "CVE",
"data_version": "4.0",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6525346",
"url": "https://www.ibm.com/support/pages/node/6525346",
"title": "IBM Security Bulletin 6525346 (Spectrum Protect Plus)"
},
{
"refsource": "XF",
"name": "ibm-spectrum-cve20204496-info-disc (182046)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/182046",
"title": "X-Force Vulnerability Report"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"C": "H",
"I": "N",
"UI": "N",
"AV": "N",
"AC": "H",
"S": "C",
"PR": "N",
"A": "N",
"SCORE": "6.800"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
}

5
2021/31xxx/CVE-2021-31924.json
View File

@ -61,6 +61,11 @@
"url": "https://developers.yubico.com/pam-u2f/",
"refsource": "MISC",
"name": "https://developers.yubico.com/pam-u2f/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a52d48b1c2",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRBVOZEMVO72FV4Z5O4GBGSURXHWRGD3/"
}
]
}

50
2021/32xxx/CVE-2021-32024.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32024",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@blackberry.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BlackBerry QNX Software Development Platform (SDP)",
"version": {
"version_data": [
{
"version_value": "QNX SDP 6.4 to 7.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000089042",
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000089042"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process."
}
]
}

174
2021/38xxx/CVE-2021-38901.json
View File

@ -1,90 +1,90 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6524924 (Spectrum Protect Operations Center)",
"url" : "https://www.ibm.com/support/pages/node/6524924",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6524924"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-spectrum-cve202138901-info-disc (209610)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/209610"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "H",
"A" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.100",
"C" : "H",
"I" : "N",
"AV" : "L",
"UI" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.1"
}
]
},
"product_name" : "Spectrum Protect Operations Center"
}
]
},
"vendor_name" : "IBM"
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. IBM X-Force ID: 209610.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-38901",
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"STATE" : "PUBLIC"
}
}
]
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6524924 (Spectrum Protect Operations Center)",
"url": "https://www.ibm.com/support/pages/node/6524924",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6524924"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-spectrum-cve202138901-info-disc (209610)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209610"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AC": "H",
"A": "N",
"PR": "N",
"S": "U",
"SCORE": "5.100",
"C": "H",
"I": "N",
"AV": "L",
"UI": "N"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.1"
}
]
},
"product_name": "Spectrum Protect Operations Center"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_version": "4.0",
"description": {
"description_data": [
{
"value": "IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. IBM X-Force ID: 209610.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-38901",
"DATE_PUBLIC": "2021-12-10T00:00:00",
"STATE": "PUBLIC"
}
}

180
2021/39xxx/CVE-2021-39048.json
View File

@ -1,93 +1,93 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Denial of Service"
}
]
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6524706 (Spectrum Protect)",
"name" : "https://www.ibm.com/support/pages/node/6524706",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6524706"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214438",
"name" : "ibm-spectrum-cve202139048-bo (214438)",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"UI" : "N",
"AV" : "L",
"C" : "N",
"I" : "N",
"S" : "U",
"PR" : "N",
"A" : "H",
"SCORE" : "6.200",
"AC" : "L"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.1"
},
{
"version_value" : "8.1"
}
]
},
"product_name" : "Spectrum Protect"
}
]
},
"vendor_name" : "IBM"
"description": [
{
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2021-39048",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-12-10T00:00:00"
}
}
]
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6524706 (Spectrum Protect)",
"name": "https://www.ibm.com/support/pages/node/6524706",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6524706"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214438",
"name": "ibm-spectrum-cve202139048-bo (214438)",
"refsource": "XF"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
},
"BM": {
"UI": "N",
"AV": "L",
"C": "N",
"I": "N",
"S": "U",
"PR": "N",
"A": "H",
"SCORE": "6.200",
"AC": "L"
}
}
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "7.1"
},
{
"version_value": "8.1"
}
]
},
"product_name": "Spectrum Protect"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"value": "IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.",
"lang": "eng"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2021-39048",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-12-10T00:00:00"
}
}

186
2021/39xxx/CVE-2021-39049.json
View File

@ -1,96 +1,96 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-39049",
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "i2 Analyst's Notebook",
"version" : {
"version_data" : [
{
"version_value" : "9.2.0"
},
{
"version_value" : "9.2.1"
},
{
"version_value" : "9.2.2"
}
]
}
}
]
}
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6525256 (i2 Analyst's Notebook)",
"url" : "https://www.ibm.com/support/pages/node/6525256",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6525256"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214439",
"name" : "ibm-i2-cve202139049-bo (214439)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"AC" : "L",
"A" : "L",
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"C" : "L",
"I" : "L",
"AV" : "L",
"UI" : "R"
}
}
},
"data_format" : "MITRE"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439."
}
]
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-39049",
"DATE_PUBLIC": "2021-12-10T00:00:00",
"STATE": "PUBLIC"
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "i2 Analyst's Notebook",
"version": {
"version_data": [
{
"version_value": "9.2.0"
},
{
"version_value": "9.2.1"
},
{
"version_value": "9.2.2"
}
]
}
}
]
}
}
]
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6525256 (i2 Analyst's Notebook)",
"url": "https://www.ibm.com/support/pages/node/6525256",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6525256"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214439",
"name": "ibm-i2-cve202139049-bo (214439)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"AC": "L",
"A": "L",
"PR": "N",
"S": "U",
"SCORE": "5.300",
"C": "L",
"I": "L",
"AV": "L",
"UI": "R"
}
}
},
"data_format": "MITRE"
}

188
2021/39xxx/CVE-2021-39050.json
View File

@ -1,96 +1,96 @@
{
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "9.2.0"
},
{
"version_value" : "9.2.1"
},
{
"version_value" : "9.2.2"
}
]
},
"product_name" : "i2 Analyst's Notebook"
}
]
}
}
]
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-39050"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214440."
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6525258",
"name" : "https://www.ibm.com/support/pages/node/6525258",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6525258 (i2 Analyst's Notebook)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-i2-cve202139050-bo (214440)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214440"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"A" : "L",
"S" : "U",
"PR" : "N",
"SCORE" : "5.300",
"C" : "L",
"I" : "L",
"AV" : "L",
"UI" : "R"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "9.2.0"
},
{
"version_value": "9.2.1"
},
{
"version_value": "9.2.2"
}
]
},
"product_name": "i2 Analyst's Notebook"
}
]
}
}
]
}
]
}
}
}
},
"data_version": "4.0",
"CVE_data_meta": {
"DATE_PUBLIC": "2021-12-10T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-39050"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214440."
}
]
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6525258",
"name": "https://www.ibm.com/support/pages/node/6525258",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6525258 (i2 Analyst's Notebook)"
},
{
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-i2-cve202139050-bo (214440)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214440"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AC": "L",
"A": "L",
"S": "U",
"PR": "N",
"SCORE": "5.300",
"C": "L",
"I": "L",
"AV": "L",
"UI": "R"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Privileges",
"lang": "eng"
}
]
}
]
}
}

178
2021/39xxx/CVE-2021-39057.json
View File

@ -1,93 +1,93 @@
{
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6525346 (Spectrum Protect Plus)",
"url" : "https://www.ibm.com/support/pages/node/6525346",
"name" : "https://www.ibm.com/support/pages/node/6525346",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214616",
"name" : "ibm-spectrum-cve202139057-ssrf (214616)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"UI" : "N",
"C" : "L",
"I" : "L",
"A" : "N",
"S" : "U",
"PR" : "L",
"SCORE" : "4.200",
"AC" : "H"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_format": "MITRE",
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Plus",
"version" : {
"version_data" : [
{
"version_value" : "10.1.0.0"
},
{
"version_value" : "10.1.8.0"
}
]
}
}
]
}
"title": "IBM Security Bulletin 6525346 (Spectrum Protect Plus)",
"url": "https://www.ibm.com/support/pages/node/6525346",
"name": "https://www.ibm.com/support/pages/node/6525346",
"refsource": "CONFIRM"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214616",
"name": "ibm-spectrum-cve202139057-ssrf (214616)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-39057",
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"value" : "IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 214616.",
"lang" : "eng"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Access",
"lang" : "eng"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"UI": "N",
"C": "L",
"I": "L",
"A": "N",
"S": "U",
"PR": "L",
"SCORE": "4.200",
"AC": "H"
},
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Spectrum Protect Plus",
"version": {
"version_data": [
{
"version_value": "10.1.0.0"
},
{
"version_value": "10.1.8.0"
}
]
}
}
]
}
}
]
}
]
}
}
}
},
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-39057",
"DATE_PUBLIC": "2021-12-10T00:00:00",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"value": "IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 214616.",
"lang": "eng"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Gain Access",
"lang": "eng"
}
]
}
]
}
}

178
2021/39xxx/CVE-2021-39063.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"ID" : "CVE-2021-39063",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-12-10T00:00:00"
},
"description" : {
"description_data" : [
{
"value" : "IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 214956.",
"lang" : "eng"
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"CVE_data_meta": {
"ID": "CVE-2021-39063",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-12-10T00:00:00"
},
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Spectrum Protect Plus",
"version" : {
"version_data" : [
{
"version_value" : "10.1.0.0"
},
{
"version_value" : "10.1.8.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"value": "IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 214956.",
"lang": "eng"
}
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6525346",
"name" : "https://www.ibm.com/support/pages/node/6525346",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6525346 (Spectrum Protect Plus)"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214956",
"refsource" : "XF",
"name" : "ibm-spectrum-cve202139063-cors (214956)"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"UI" : "N",
"C" : "L",
"I" : "L",
"A" : "N",
"S" : "U",
"PR" : "N",
"SCORE" : "6.500",
"AC" : "L"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spectrum Protect Plus",
"version": {
"version_data": [
{
"version_value": "10.1.0.0"
},
{
"version_value": "10.1.8.0"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
}
}
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6525346",
"name": "https://www.ibm.com/support/pages/node/6525346",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6525346 (Spectrum Protect Plus)"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214956",
"refsource": "XF",
"name": "ibm-spectrum-cve202139063-cors (214956)"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"UI": "N",
"C": "L",
"I": "L",
"A": "N",
"S": "U",
"PR": "N",
"SCORE": "6.500",
"AC": "L"
},
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
}
},
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Access"
}
]
}
]
}
}

18
2021/45xxx/CVE-2021-45039.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-45039",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/45xxx/CVE-2021-45040.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-45040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}