diff --git a/2021/44xxx/CVE-2021-44166.json b/2021/44xxx/CVE-2021-44166.json index 65f4105eacf..94ca61a416c 100644 --- a/2021/44xxx/CVE-2021-44166.json +++ b/2021/44xxx/CVE-2021-44166.json @@ -71,7 +71,7 @@ "description_data": [ { "lang": "eng", - "value": "An improper access control vulnerability [CWE-284 ] in FortiToken Mobile\u00a0(Android) external push notification 5.1.0 and below may allow a remote attacker having already obtained\u00a0a user's password to access the protected system during the 2FA procedure, even though\u00a0the\u00a0deny button is clicked by the legitimate user." + "value": "An improper access control vulnerability [CWE-284 ] in FortiToken Mobile (Android) external push notification 5.1.0 and below may allow a remote attacker having already obtained a user's password to access the protected system during the 2FA procedure, even though the deny button is clicked by the legitimate user." } ] } diff --git a/2022/0xxx/CVE-2022-0825.json b/2022/0xxx/CVE-2022-0825.json new file mode 100644 index 00000000000..37628ce58a8 --- /dev/null +++ b/2022/0xxx/CVE-2022-0825.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-0825", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/22xxx/CVE-2022-22301.json b/2022/22xxx/CVE-2022-22301.json index 4a603adca24..0c9c4817bfb 100644 --- a/2022/22xxx/CVE-2022-22301.json +++ b/2022/22xxx/CVE-2022-22301.json @@ -71,7 +71,7 @@ "description_data": [ { "lang": "eng", - "value": "An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiAP-C\u00a0console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running\u00a0CLI commands with specifically crafted arguments." + "value": "An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments." } ] } diff --git a/2022/22xxx/CVE-2022-22303.json b/2022/22xxx/CVE-2022-22303.json index 7ac6e94fab1..9382da9cca7 100644 --- a/2022/22xxx/CVE-2022-22303.json +++ b/2022/22xxx/CVE-2022-22303.json @@ -71,7 +71,7 @@ "description_data": [ { "lang": "eng", - "value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions prior to 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict file." + "value": "An exposure of sensitive system information to an unauthorized control sphere vulnerability [CWE-497] in FortiManager versions prior to 7.0.2, 6.4.7 and 6.2.9 may allow a low privileged authenticated user to gain access to the FortiGate users credentials via the config conflict file." } ] }