From 7e4fbb5b62458cf6b35a3ecbf2bb90f06bbad610 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 2 Sep 2021 13:00:59 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/9xxx/CVE-2020-9000.json | 5 ----- 2020/9xxx/CVE-2020-9002.json | 5 ----- 2021/32xxx/CVE-2021-32076.json | 13 +++++++------ 2021/3xxx/CVE-2021-3757.json | 12 ++++++------ 4 files changed, 13 insertions(+), 22 deletions(-) diff --git a/2020/9xxx/CVE-2020-9000.json b/2020/9xxx/CVE-2020-9000.json index c758ef222a7..84f5d2e7e06 100644 --- a/2020/9xxx/CVE-2020-9000.json +++ b/2020/9xxx/CVE-2020-9000.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://www.ultimum.nl/updates/", - "refsource": "MISC", - "name": "https://www.ultimum.nl/updates/" - }, { "refsource": "MISC", "name": "https://websec.nl/blog/", diff --git a/2020/9xxx/CVE-2020-9002.json b/2020/9xxx/CVE-2020-9002.json index 165a37a4684..0b72ff0b845 100644 --- a/2020/9xxx/CVE-2020-9002.json +++ b/2020/9xxx/CVE-2020-9002.json @@ -52,11 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://www.ultimum.nl/updates/", - "refsource": "MISC", - "name": "https://www.ultimum.nl/updates/" - }, { "refsource": "MISC", "name": "https://websec.nl/blog/", diff --git a/2021/32xxx/CVE-2021-32076.json b/2021/32xxx/CVE-2021-32076.json index eaa2746b3e5..d457491f634 100644 --- a/2021/32xxx/CVE-2021-32076.json +++ b/2021/32xxx/CVE-2021-32076.json @@ -1,6 +1,6 @@ { "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", + "ASSIGNER": "psirt@solarwinds.com", "DATE_PUBLIC": "2021-08-20T14:12:00.000Z", "ID": "CVE-2021-32076", "STATE": "PUBLIC", @@ -13,18 +13,19 @@ "product": { "product_data": [ { - "product_name": "n/a", + "product_name": "Web Help Desk", "version": { "version_data": [ { - "version_value": "n/a" + "version_affected": "<=", + "version_value": "12.7.5" } ] } } ] }, - "vendor_name": "n/a" + "vendor_name": "SolarWinds" } ] } @@ -42,7 +43,7 @@ "description_data": [ { "lang": "eng", - "value": "Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. An attacker can access the \u201cWeb Help Desk Getting Started Wizard\u201d, especially the admin account creationpage, from a non-privileged IP address network range or loopback address by intercepting the HTTP request and changing the referrer from the public IP address to the loopback." + "value": "Access Restriction Bypass via referrer spoof was discovered in SolarWinds Web Help Desk 12.7.2. An attacker can access the \u2018Web Help Desk Getting Started Wizard\u2019, especially the admin account creation page, from a non-privileged IP address network range or loopback address by intercepting the HTTP request and changing the referrer from the public IP address to the loopback." } ] }, @@ -71,7 +72,7 @@ "description": [ { "lang": "eng", - "value": "n/a" + "value": "CWE-290 Authentication Bypass by Spoofing" } ] } diff --git a/2021/3xxx/CVE-2021-3757.json b/2021/3xxx/CVE-2021-3757.json index 902a08878d4..7a65e0118ac 100644 --- a/2021/3xxx/CVE-2021-3757.json +++ b/2021/3xxx/CVE-2021-3757.json @@ -70,15 +70,15 @@ }, "references": { "reference_data": [ - { - "name": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa" - }, { "name": "https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237", "refsource": "MISC", "url": "https://github.com/immerjs/immer/commit/fa671e55ee9bd42ae08cc239102b665a23958237" + }, + { + "name": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/23d38099-71cd-42ed-a77a-71e68094adfa" } ] }, @@ -86,4 +86,4 @@ "advisory": "23d38099-71cd-42ed-a77a-71e68094adfa", "discovery": "EXTERNAL" } -} +} \ No newline at end of file