admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-05-26 20:00:42 +00:00
parent b5c3a36697
commit a42b7df539
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
41 changed files with 1143 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2015/3xxx/CVE-2015-3306.json
View File

@ -116,6 +116,11 @@
"name": "http://packetstormsecurity.com/files/131505/ProFTPd-1.3.5-File-Copy.html", "name": "http://packetstormsecurity.com/files/131505/ProFTPd-1.3.5-File-Copy.html",
"refsource": "MISC", "refsource": "MISC",
"url": "http://packetstormsecurity.com/files/131505/ProFTPd-1.3.5-File-Copy.html" "url": "http://packetstormsecurity.com/files/131505/ProFTPd-1.3.5-File-Copy.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162777/ProFTPd-1.3.5-Remote-Command-Execution.html",
"url": "http://packetstormsecurity.com/files/162777/ProFTPd-1.3.5-Remote-Command-Execution.html"
} }
] ]
} }

5
2018/19xxx/CVE-2018-19423.json
View File

@ -56,6 +56,11 @@
"name": "https://github.com/Codiad/Codiad/issues/1098", "name": "https://github.com/Codiad/Codiad/issues/1098",
"refsource": "MISC", "refsource": "MISC",
"url": "https://github.com/Codiad/Codiad/issues/1098" "url": "https://github.com/Codiad/Codiad/issues/1098"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162772/Codiad-2.8.4-Shell-Upload.html",
"url": "http://packetstormsecurity.com/files/162772/Codiad-2.8.4-Shell-Upload.html"
} }
] ]
} }

56
2020/22xxx/CVE-2020-22019.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-22019",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-22019",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Buffer Overflow vulnerability in FFmpeg 4.2 at convolution_y_10bit in libavfilter/vf_vmafmotion.c, which could let a remote malicious user cause a Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://trac.ffmpeg.org/ticket/8241",
"refsource": "MISC",
"name": "https://trac.ffmpeg.org/ticket/8241"
} }
] ]
} }

61
2020/22xxx/CVE-2020-22020.json
View File

@ -1,17 +1,66 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-22020",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-22020",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Buffer Overflow vulnerability in FFmpeg 4.2 in the build_diff_map function in libavfilter/vf_fieldmatch.c, which could let a remote malicious user cause a Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://trac.ffmpeg.org/ticket/8239",
"refsource": "MISC",
"name": "https://trac.ffmpeg.org/ticket/8239"
},
{
"refsource": "MISC",
"name": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ce5274c1385d55892a692998923802023526b765",
"url": "http://git.videolan.org/?p=ffmpeg.git;a=commitdiff;h=ce5274c1385d55892a692998923802023526b765"
} }
] ]
} }

56
2020/22xxx/CVE-2020-22021.json
View File

@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2020-22021",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2020-22021",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Buffer Overflow vulnerability in FFmpeg 4.2 at filter_edges function in libavfilter/vf_yadif.c, which could let a remote malicious user cause a Denial of Service."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://trac.ffmpeg.org/ticket/8240",
"refsource": "MISC",
"name": "https://trac.ffmpeg.org/ticket/8240"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28648.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28900.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28901.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28902.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28903.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28904.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28905.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28906.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28907.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28908.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28909.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28910.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/28xxx/CVE-2020-28911.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/", "name": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/",
"url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/" "url": "https://skylightcyber.com/2021/05/20/13-nagios-vulnerabilities-7-will-shock-you/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/162783/Nagios-XI-Fusion-Privilege-Escalation-Cross-Site-Scripting-Code-Execution.html"
} }
] ]
} }

5
2020/29xxx/CVE-2020-29607.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/pluck-cms/pluck/issues/96", "url": "https://github.com/pluck-cms/pluck/issues/96",
"refsource": "MISC", "refsource": "MISC",
"name": "https://github.com/pluck-cms/pluck/issues/96" "name": "https://github.com/pluck-cms/pluck/issues/96"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162785/Pluck-CMS-4.7.13-Remote-Shell-Upload.html",
"url": "http://packetstormsecurity.com/files/162785/Pluck-CMS-4.7.13-Remote-Shell-Upload.html"
} }
] ]
} }

5
2021/21xxx/CVE-2021-21985.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html", "name": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html" "url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html",
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
} }
] ]
}, },

5
2021/21xxx/CVE-2021-21986.json
View File

@ -48,6 +48,11 @@
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html", "name": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html",
"url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html" "url": "https://www.vmware.com/security/advisories/VMSA-2021-0010.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html",
"url": "http://packetstormsecurity.com/files/162812/VMware-Security-Advisory-2021-0010.html"
} }
] ]
}, },

50
2021/22xxx/CVE-2021-22699.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22699", "ID": "CVE-2021-22699",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Modicon M241/M251 logic controllers firmware prior to V5.1.9.1",
"version": {
"version_data": [
{
"version_value": "Modicon M241/M251 logic controllers firmware prior to V5.1.9.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20: Improper Input Validation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-05",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-05"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Input Validation vulnerability exists in Modicon M241/M251 logic controllers firmware prior to V5.1.9.1 that could cause denial of service when specific crafted requests are sent to the controller over HTTP."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22705.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22705", "ID": "CVE-2021-22705",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Harmony HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ) or EcoStruxure Machine Expert (all versions prior to V2.0)",
"version": {
"version_data": [
{
"version_value": "Harmony HMI Products Configured by Vijeo Designer (all versions prior to V6.2 SP11 ) or EcoStruxure Machine Expert (all versions prior to V2.0)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-02",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-02"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause denial of service or unauthorized access to system information when interacting directly with a driver installed by Vijeo Designer or EcoStruxure Machine Expert"
} }
] ]
} }

50
2021/22xxx/CVE-2021-22731.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22731", "ID": "CVE-2021-22731",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior ",
"version": {
"version_data": [
{
"version_value": "Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-640: Weak Password Recovery Mechanism for Forgotten Password"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-01"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Weak Password Recovery Mechanism for Forgotten Password vulnerability exists on Modicon Managed Switch MCSESM* and MCSESP* V8.21 and prior which could cause an unauthorized password change through HTTP / HTTPS when basic user information is known by a remote attacker."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22732.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22732", "ID": "CVE-2021-22732",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"version": {
"version_data": [
{
"version_value": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a code execution issue when an attacker loads unauthorized code on the web server."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22733.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22733", "ID": "CVE-2021-22733",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"version": {
"version_data": [
{
"version_value": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269: Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Privilege Management vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause shell access when unauthorized code is loaded into the system folder."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22734.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22734", "ID": "CVE-2021-22734",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"version": {
"version_data": [
{
"version_value": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347: Improper Verification of Cryptographic Signature"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Verification of Cryptographic Signature vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause remote code execution when an attacker loads unauthorized code."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22735.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22735", "ID": "CVE-2021-22735",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"version": {
"version_data": [
{
"version_value": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-347: Improper Verification of Cryptographic Signature"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Verification of Cryptographic Signature vulnerability exists inhomeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could allow remote code execution when unauthorized code is copied to the device."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22736.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22736", "ID": "CVE-2021-22736",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"version": {
"version_data": [
{
"version_value": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a denial of service when an unauthorized file is uploaded."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22737.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22737", "ID": "CVE-2021-22737",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"version": {
"version_data": [
{
"version_value": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-522: Insufficiently Protected Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Insufficiently Protected Credentials vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access of when credentials are discovered after a brute force attack."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22738.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22738", "ID": "CVE-2021-22738",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"version": {
"version_data": [
{
"version_value": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327: Use of a Broken or Risky Cryptographic Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior that could cause unauthorized access when credentials are discovered after a brute force attack."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22739.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22739", "ID": "CVE-2021-22739",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"version": {
"version_data": [
{
"version_value": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause a device to be compromised when it is first configured."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22740.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22740", "ID": "CVE-2021-22740",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior",
"version": {
"version_data": [
{
"version_value": "homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-04"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Information Exposure vulnerability exists in homeLYnk (Wiser For KNX) and spaceLYnk V2.60 and prior which could cause information to be exposed when an unauthorized file is uploaded."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22741.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22741", "ID": "CVE-2021-22741",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ClearSCADA (all versions), EcoStruxure Geo SCADA Expert 2019 (all versions), and EcoStruxure Geo SCADA Expert 2020 (V83.7742.1 and prior)",
"version": {
"version_data": [
{
"version_value": "ClearSCADA,EcoStruxure Geo SCADA Expert 2019 and EcoStruxure Geo SCADA Expert 2020(see security notification for affected versions)"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-916: Use of Password Hash with Insufficient Computational Effort"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-07",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-07"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Use of Password Hash with Insufficient Computational Effort vulnerability exists in ClearSCADA (all versions), EcoStruxure Geo SCADA Expert 2019 (all versions), and EcoStruxure Geo SCADA Expert 2020 (V83.7742.1 and prior), which could cause the revealing of account credentials when server database files are available. Exposure of these files to an attacker can make the system vulnerable to password decryption attacks. Note that \u201c.sde\u201d configuration export files do not contain user account password hashes."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22742.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22742", "ID": "CVE-2021-22742",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems",
"version": {
"version_data": [
{
"version_value": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22743.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22743", "ID": "CVE-2021-22743",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Triconex TCM 4351B\u00a0installed on Tricon V11.3.x systems.",
"version": {
"version_data": [
{
"version_value": "Triconex TCM 4351B\u00a0installed on Tricon V11.3.x systems"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex TCM 4351B installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22744.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22744", "ID": "CVE-2021-22744",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems",
"version": {
"version_data": [
{
"version_value": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22745, CVE-2021-22746, and CVE-2021-22747."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22745.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22745", "ID": "CVE-2021-22745",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems",
"version": {
"version_data": [
{
"version_value": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22744, CVE-2021-22746, and CVE-2021-22747."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22746.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22746", "ID": "CVE-2021-22746",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems",
"version": {
"version_data": [
{
"version_value": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22744, CVE-2021-22745, and CVE-2021-22747."
} }
] ]
} }

50
2021/22xxx/CVE-2021-22747.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0", "data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2021-22747", "ID": "CVE-2021-22747",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cybersecurity@schneider-electric.com",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems",
"version": {
"version_data": [
{
"version_value": "Triconex Model 3009 MP\u00a0installed on Tricon V11.3.x systems"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-754: Improper Check for Unusual or Exceptional Conditions"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03",
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2021-130-03"
}
]
}, },
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position. This CVE ID is unique from CVE-2021-22742, CVE-2021-22744, CVE-2021-22745, and CVE-2021-22746."
} }
] ]
} }

5
2021/3xxx/CVE-2021-3151.json
View File

@ -61,6 +61,11 @@
"url": "https://www.i-doit.org/news/", "url": "https://www.i-doit.org/news/",
"refsource": "MISC", "refsource": "MISC",
"name": "https://www.i-doit.org/news/" "name": "https://www.i-doit.org/news/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/162815/i-doit-1.15.2-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/162815/i-doit-1.15.2-Cross-Site-Scripting.html"
} }
] ]
} }