admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

jpcert/202108181430 batch.

Browse Source
This commit is contained in:
Yozo TODA 2021-08-18 14:29:41 +09:00
parent a95b207eb5
commit a6b938bb62
No known key found for this signature in database
GPG Key ID: D778421BF418109E
24 changed files with 1255 additions and 193 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
2021/20xxx/CVE-2021-20753.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20753",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in Scheduler of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20753"
}
}

60
2021/20xxx/CVE-2021-20754.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Improper Input Validation",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20754",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Workflow without the appropriate privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20754"
}
}

60
2021/20xxx/CVE-2021-20755.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Viewing restrictions bypass",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20755",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Viewing restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the viewing privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20755"
}
}

60
2021/20xxx/CVE-2021-20756.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Viewing restrictions bypass",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20756",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Viewing restrictions bypass vulnerability in Address of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Address without the viewing privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20756"
}
}

60
2021/20xxx/CVE-2021-20757.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Operational restrictions bypass",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20757",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Operational restrictions bypass vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20757"
}
}

60
2021/20xxx/CVE-2021-20758.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site request forgery",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20758",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site request forgery (CSRF) vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to hijack the authentication of administrators and perform an arbitrary operation via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20758"
}
}

60
2021/20xxx/CVE-2021-20759.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Operational restrictions bypass",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20759",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.6.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Operational restrictions bypass vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to alter the data of Portal without the appropriate privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20759"
}
}

60
2021/20xxx/CVE-2021-20760.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Improper Input Validation",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20760",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation vulnerability in User Profile of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to alter the data of User Profile without the appropriate privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20760"
}
}

60
2021/20xxx/CVE-2021-20761.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Improper Input Validation",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20761",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker with an administrative privilege to alter the data of E-mail without the appropriate privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20761"
}
}

60
2021/20xxx/CVE-2021-20762.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Improper Input Validation",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20762",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation vulnerability in E-mail of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated to alter the data of E-mail without the appropriate privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20762"
}
}

60
2021/20xxx/CVE-2021-20763.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Operational restrictions bypass",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20763",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Operational restrictions bypass vulnerability in Portal of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to obtain the data of Portal without the appropriate privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20763"
}
}

60
2021/20xxx/CVE-2021-20764.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Improper Input Validation",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20764",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation vulnerability in Attaching Files of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to alter the data of Attaching Files.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20764"
}
}

60
2021/20xxx/CVE-2021-20765.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20765",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20765"
}
}

60
2021/20xxx/CVE-2021-20766.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20766",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in Message of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote attacker to inject an arbitrary script via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20766"
}
}

60
2021/20xxx/CVE-2021-20767.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20767",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in Full Text Search of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20767"
}
}

60
2021/20xxx/CVE-2021-20768.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Operational restrictions bypass",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20768",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Operational restrictions bypass vulnerability in Scheduler and MultiReport of Cybozu Garoon 4.0.0 to 5.0.2 allows a remote authenticated attacker to delete the data of Scheduler and MultiReport without the appropriate privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20768"
}
}

60
2021/20xxx/CVE-2021-20769.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20769",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.6.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in Bulletin of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20769"
}
}

60
2021/20xxx/CVE-2021-20770.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20770",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.6.0 to 5.0.2"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in Message of Cybozu Garoon 4.6.0 to 5.0.2 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20770"
}
}

60
2021/20xxx/CVE-2021-20771.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20771",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.5.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in some functions of Group Mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote attacker to inject an arbitrary script via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20771"
}
}

60
2021/20xxx/CVE-2021-20772.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Information Disclosure",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20772",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.10.0 to 5.5.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Information disclosure vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the title of Bulletin without the viewing privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20772"
}
}

60
2021/20xxx/CVE-2021-20773.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Vulnerability where information is deleted unintentionally",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20773",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.5.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "There is a vulnerability in Workflow of Cybozu Garoon 4.0.0 to 5.5.0, which may allow a remote authenticated attacker to delete the route information Workflow without the appropriate privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20773"
}
}

62
2021/20xxx/CVE-2021-20774.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20774",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.0.0 to 5.5.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in some functions of E-mail of Cybozu Garoon 4.0.0 to 5.5.0 allows a remote authenticated attacker to inject an arbitrary script via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20774"
}
}
}

60
2021/20xxx/CVE-2021-20775.json
View File

@ -1,18 +1,62 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Improper Input Validation",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20775",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Cybozu, Inc.",
"product": {
"product_data": [
{
"product_name": "Cybozu Garoon",
"version": {
"version_data": [
{
"version_value": "4.10.0 to 5.5.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://cs.cybozu.co.jp/2021/007206.html"
},
{
"url": "https://jvn.jp/en/jp/JVN54794245/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Improper input validation vulnerability in Bulletin of Cybozu Garoon 4.10.0 to 5.5.0 allows a remote authenticated attacker to obtain the data of Comment and Space without the viewing privilege.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20775"
}
}

66
2021/20xxx/CVE-2021-20792.json
View File

@ -1,18 +1,68 @@
{
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Cross-site scripting",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20792",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ExpressTech",
"product": {
"product_data": [
{
"product_name": "Quiz And Survey Master",
"version": {
"version_data": [
{
"version_value": "versions prior to 7.1.14"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://quizandsurveymaster.com/"
},
{
"url": "https://wordpress.org/plugins/quiz-master-next/"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?new=2503364%40quiz-master-next%2Ftrunk%2Fphp%2Fadmin%2Fquizzes-page.php&old=2490516%40quiz-master-next%2Ftrunk%2Fphp%2Fadmin%2Fquizzes-page.php"
},
{
"url": "https://jvn.jp/en/jp/JVN65388002/index.html"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site scripting vulnerability in Quiz And Survey Master versions prior to 7.1.14 allows a remote attacker to inject arbitrary script via unspecified vectors.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2021-20792"
}
}