admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-12-13 19:01:17 +00:00
parent 430e15c5f0
commit 71f71a403b
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
11 changed files with 719 additions and 634 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

108
2020/4xxx/CVE-2020-4496.json
View File

@ -1,37 +1,37 @@
{
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"value" : "The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation. IBM X-Force ID: 182046.",
"lang" : "eng"
"value": "The IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x server connection to an IBM Spectrum Protect Plus workload agent is subject to a man-in-the-middle attack due to improper certificate validation. IBM X-Force ID: 182046.",
"lang": "eng"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"ID" : "CVE-2020-4496",
"ASSIGNER" : "psirt@us.ibm.com"
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-12-10T00:00:00",
"ID": "CVE-2020-4496",
"ASSIGNER": "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "10.1.0.0"
"version_value": "10.1.0.0"
},
{
"version_value" : "10.1.8.0"
"version_value": "10.1.8.0"
}
]
},
"product_name" : "Spectrum Protect Plus"
"product_name": "Spectrum Protect Plus"
}
]
}
@ -39,52 +39,52 @@
]
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"references" : {
"reference_data" : [
"data_type": "CVE",
"data_version": "4.0",
"references": {
"reference_data": [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6525346",
"url" : "https://www.ibm.com/support/pages/node/6525346",
"title" : "IBM Security Bulletin 6525346 (Spectrum Protect Plus)"
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6525346",
"url": "https://www.ibm.com/support/pages/node/6525346",
"title": "IBM Security Bulletin 6525346 (Spectrum Protect Plus)"
},
{
"refsource" : "XF",
"name" : "ibm-spectrum-cve20204496-info-disc (182046)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/182046",
"title" : "X-Force Vulnerability Report"
"refsource": "XF",
"name": "ibm-spectrum-cve20204496-info-disc (182046)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/182046",
"title": "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"C" : "H",
"I" : "N",
"UI" : "N",
"AV" : "N",
"AC" : "H",
"S" : "C",
"PR" : "N",
"A" : "N",
"SCORE" : "6.800"
"impact": {
"cvssv3": {
"BM": {
"C": "H",
"I": "N",
"UI": "N",
"AV": "N",
"AC": "H",
"S": "C",
"PR": "N",
"A": "N",
"SCORE": "6.800"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}

5
2021/31xxx/CVE-2021-31924.json
View File

@ -61,6 +61,11 @@
"url": "https://developers.yubico.com/pam-u2f/",
"refsource": "MISC",
"name": "https://developers.yubico.com/pam-u2f/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2021-a52d48b1c2",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRBVOZEMVO72FV4Z5O4GBGSURXHWRGD3/"
}
]
}

50
2021/32xxx/CVE-2021-32024.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-32024",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "secure@blackberry.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BlackBerry QNX Software Development Platform (SDP)",
"version": {
"version_data": [
{
"version_value": "QNX SDP 6.4 to 7.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote code execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://support.blackberry.com/kb/articleDetail?articleNumber=000089042",
"url": "http://support.blackberry.com/kb/articleDetail?articleNumber=000089042"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A remote code execution vulnerability in the BMP image codec of BlackBerry QNX SDP version(s) 6.4 to 7.1 could allow an attacker to potentially execute code in the context of the affected process."
}
]
}

106
2021/38xxx/CVE-2021-38901.json
View File

@ -1,90 +1,90 @@
{
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Obtain Information"
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
"data_format": "MITRE",
"references": {
"reference_data": [
{
"title" : "IBM Security Bulletin 6524924 (Spectrum Protect Operations Center)",
"url" : "https://www.ibm.com/support/pages/node/6524924",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6524924"
"title": "IBM Security Bulletin 6524924 (Spectrum Protect Operations Center)",
"url": "https://www.ibm.com/support/pages/node/6524924",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6524924"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-spectrum-cve202138901-info-disc (209610)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/209610"
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-spectrum-cve202138901-info-disc (209610)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/209610"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "H",
"A" : "N",
"PR" : "N",
"S" : "U",
"SCORE" : "5.100",
"C" : "H",
"I" : "N",
"AV" : "L",
"UI" : "N"
"impact": {
"cvssv3": {
"BM": {
"AC": "H",
"A": "N",
"PR": "N",
"S": "U",
"SCORE": "5.100",
"C": "H",
"I": "N",
"AV": "L",
"UI": "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "7.1"
"version_value": "7.1"
}
]
},
"product_name" : "Spectrum Protect Operations Center"
"product_name": "Spectrum Protect Operations Center"
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_version": "4.0",
"description": {
"description_data": [
{
"value" : "IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. IBM X-Force ID: 209610.",
"lang" : "eng"
"value": "IBM Spectrum Protect Operations Center 7.1, under special configurations, could allow a local user to obtain highly sensitive information. IBM X-Force ID: 209610.",
"lang": "eng"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-38901",
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-38901",
"DATE_PUBLIC": "2021-12-10T00:00:00",
"STATE": "PUBLIC"
}
}

108
2021/39xxx/CVE-2021-39048.json
View File

@ -1,93 +1,93 @@
{
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Denial of Service"
"lang": "eng",
"value": "Denial of Service"
}
]
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
"data_format": "MITRE",
"references": {
"reference_data": [
{
"title" : "IBM Security Bulletin 6524706 (Spectrum Protect)",
"name" : "https://www.ibm.com/support/pages/node/6524706",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6524706"
"title": "IBM Security Bulletin 6524706 (Spectrum Protect)",
"name": "https://www.ibm.com/support/pages/node/6524706",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6524706"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214438",
"name" : "ibm-spectrum-cve202139048-bo (214438)",
"refsource" : "XF"
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214438",
"name": "ibm-spectrum-cve202139048-bo (214438)",
"refsource": "XF"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
},
"BM" : {
"UI" : "N",
"AV" : "L",
"C" : "N",
"I" : "N",
"S" : "U",
"PR" : "N",
"A" : "H",
"SCORE" : "6.200",
"AC" : "L"
"BM": {
"UI": "N",
"AV": "L",
"C": "N",
"I": "N",
"S": "U",
"PR": "N",
"A": "H",
"SCORE": "6.200",
"AC": "L"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "7.1"
"version_value": "7.1"
},
{
"version_value" : "8.1"
"version_value": "8.1"
}
]
},
"product_name" : "Spectrum Protect"
"product_name": "Spectrum Protect"
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"value" : "IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.",
"lang" : "eng"
"value": "IBM Spectrum Protect Client 7.1 and 8.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking. A local attacker could exploit this vulnerability and cause a denial of service. IBM X-Force ID: 214438.",
"lang": "eng"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2021-39048",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-12-10T00:00:00"
"CVE_data_meta": {
"ID": "CVE-2021-39048",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-12-10T00:00:00"
}
}

110
2021/39xxx/CVE-2021-39049.json
View File

@ -1,50 +1,50 @@
{
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Gain Privileges"
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439."
"lang": "eng",
"value": "IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214439."
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-39049",
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"STATE" : "PUBLIC"
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-39049",
"DATE_PUBLIC": "2021-12-10T00:00:00",
"STATE": "PUBLIC"
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name" : "i2 Analyst's Notebook",
"version" : {
"version_data" : [
"product_name": "i2 Analyst's Notebook",
"version": {
"version_data": [
{
"version_value" : "9.2.0"
"version_value": "9.2.0"
},
{
"version_value" : "9.2.1"
"version_value": "9.2.1"
},
{
"version_value" : "9.2.2"
"version_value": "9.2.2"
}
]
}
@ -55,42 +55,42 @@
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
"data_version": "4.0",
"references": {
"reference_data": [
{
"title" : "IBM Security Bulletin 6525256 (i2 Analyst's Notebook)",
"url" : "https://www.ibm.com/support/pages/node/6525256",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6525256"
"title": "IBM Security Bulletin 6525256 (i2 Analyst's Notebook)",
"url": "https://www.ibm.com/support/pages/node/6525256",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6525256"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214439",
"name" : "ibm-i2-cve202139049-bo (214439)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214439",
"name": "ibm-i2-cve202139049-bo (214439)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM" : {
"AC" : "L",
"A" : "L",
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"C" : "L",
"I" : "L",
"AV" : "L",
"UI" : "R"
"BM": {
"AC": "L",
"A": "L",
"PR": "N",
"S": "U",
"SCORE": "5.300",
"C": "L",
"I": "L",
"AV": "L",
"UI": "R"
}
}
},
"data_format" : "MITRE"
"data_format": "MITRE"
}

110
2021/39xxx/CVE-2021-39050.json
View File

@ -1,27 +1,27 @@
{
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version" : {
"version_data" : [
"version": {
"version_data": [
{
"version_value" : "9.2.0"
"version_value": "9.2.0"
},
{
"version_value" : "9.2.1"
"version_value": "9.2.1"
},
{
"version_value" : "9.2.2"
"version_value": "9.2.2"
}
]
},
"product_name" : "i2 Analyst's Notebook"
"product_name": "i2 Analyst's Notebook"
}
]
}
@ -29,65 +29,65 @@
]
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-39050"
"data_version": "4.0",
"CVE_data_meta": {
"DATE_PUBLIC": "2021-12-10T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-39050"
},
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"lang" : "eng",
"value" : "IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214440."
"lang": "eng",
"value": "IBM i2 Analyst's Notebook 9.2.0, 9.2.1, and 9.2.2 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 214440."
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
"data_format": "MITRE",
"references": {
"reference_data": [
{
"url" : "https://www.ibm.com/support/pages/node/6525258",
"name" : "https://www.ibm.com/support/pages/node/6525258",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6525258 (i2 Analyst's Notebook)"
"url": "https://www.ibm.com/support/pages/node/6525258",
"name": "https://www.ibm.com/support/pages/node/6525258",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6525258 (i2 Analyst's Notebook)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-i2-cve202139050-bo (214440)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214440"
"title": "X-Force Vulnerability Report",
"refsource": "XF",
"name": "ibm-i2-cve202139050-bo (214440)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214440"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"A" : "L",
"S" : "U",
"PR" : "N",
"SCORE" : "5.300",
"C" : "L",
"I" : "L",
"AV" : "L",
"UI" : "R"
"impact": {
"cvssv3": {
"BM": {
"AC": "L",
"A": "L",
"S": "U",
"PR": "N",
"SCORE": "5.300",
"C": "L",
"I": "L",
"AV": "L",
"UI": "R"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Gain Privileges",
"lang" : "eng"
"value": "Gain Privileges",
"lang": "eng"
}
]
}

108
2021/39xxx/CVE-2021-39057.json
View File

@ -1,58 +1,58 @@
{
"data_format" : "MITRE",
"references" : {
"reference_data" : [
"data_format": "MITRE",
"references": {
"reference_data": [
{
"title" : "IBM Security Bulletin 6525346 (Spectrum Protect Plus)",
"url" : "https://www.ibm.com/support/pages/node/6525346",
"name" : "https://www.ibm.com/support/pages/node/6525346",
"refsource" : "CONFIRM"
"title": "IBM Security Bulletin 6525346 (Spectrum Protect Plus)",
"url": "https://www.ibm.com/support/pages/node/6525346",
"name": "https://www.ibm.com/support/pages/node/6525346",
"refsource": "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214616",
"name" : "ibm-spectrum-cve202139057-ssrf (214616)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214616",
"name": "ibm-spectrum-cve202139057-ssrf (214616)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"UI" : "N",
"C" : "L",
"I" : "L",
"A" : "N",
"S" : "U",
"PR" : "L",
"SCORE" : "4.200",
"AC" : "H"
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"UI": "N",
"C": "L",
"I": "L",
"A": "N",
"S": "U",
"PR": "L",
"SCORE": "4.200",
"AC": "H"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
}
}
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name" : "Spectrum Protect Plus",
"version" : {
"version_data" : [
"product_name": "Spectrum Protect Plus",
"version": {
"version_data": [
{
"version_value" : "10.1.0.0"
"version_value": "10.1.0.0"
},
{
"version_value" : "10.1.8.0"
"version_value": "10.1.8.0"
}
]
}
@ -63,28 +63,28 @@
]
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-39057",
"DATE_PUBLIC" : "2021-12-10T00:00:00",
"STATE" : "PUBLIC"
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2021-39057",
"DATE_PUBLIC": "2021-12-10T00:00:00",
"STATE": "PUBLIC"
},
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"value" : "IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 214616.",
"lang" : "eng"
"value": "IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 214616.",
"lang": "eng"
}
]
},
"problemtype" : {
"problemtype_data" : [
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"value" : "Gain Access",
"lang" : "eng"
"value": "Gain Access",
"lang": "eng"
}
]
}

108
2021/39xxx/CVE-2021-39063.json
View File

@ -1,90 +1,90 @@
{
"CVE_data_meta" : {
"ID" : "CVE-2021-39063",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-12-10T00:00:00"
"CVE_data_meta": {
"ID": "CVE-2021-39063",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-12-10T00:00:00"
},
"description" : {
"description_data" : [
"description": {
"description_data": [
{
"value" : "IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 214956.",
"lang" : "eng"
"value": "IBM Spectrum Protect Plus 10.1.0.0 through 10.1.8.x uses Cross-Origin Resource Sharing (CORS) which could allow an attacker to carry out privileged actions and retrieve sensitive information due to a misconfiguration in access control headers. IBM X-Force ID: 214956.",
"lang": "eng"
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product" : {
"product_data" : [
"product": {
"product_data": [
{
"product_name" : "Spectrum Protect Plus",
"version" : {
"version_data" : [
"product_name": "Spectrum Protect Plus",
"version": {
"version_data": [
{
"version_value" : "10.1.0.0"
"version_value": "10.1.0.0"
},
{
"version_value" : "10.1.8.0"
"version_value": "10.1.8.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
"vendor_name": "IBM"
}
]
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
"data_version": "4.0",
"references": {
"reference_data": [
{
"url" : "https://www.ibm.com/support/pages/node/6525346",
"name" : "https://www.ibm.com/support/pages/node/6525346",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6525346 (Spectrum Protect Plus)"
"url": "https://www.ibm.com/support/pages/node/6525346",
"name": "https://www.ibm.com/support/pages/node/6525346",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6525346 (Spectrum Protect Plus)"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/214956",
"refsource" : "XF",
"name" : "ibm-spectrum-cve202139063-cors (214956)"
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/214956",
"refsource": "XF",
"name": "ibm-spectrum-cve202139063-cors (214956)"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"UI" : "N",
"C" : "L",
"I" : "L",
"A" : "N",
"S" : "U",
"PR" : "N",
"SCORE" : "6.500",
"AC" : "L"
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"UI": "N",
"C": "L",
"I": "L",
"A": "N",
"S": "U",
"PR": "N",
"SCORE": "6.500",
"AC": "L"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
}
}
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
"data_format": "MITRE",
"problemtype": {
"problemtype_data": [
{
"description" : [
"description": [
{
"lang" : "eng",
"value" : "Gain Access"
"lang": "eng",
"value": "Gain Access"
}
]
}

18
2021/45xxx/CVE-2021-45039.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-45039",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2021/45xxx/CVE-2021-45040.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-45040",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}