admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20220617-111826

Browse Source 
Added CVE-2022-22485, CVE-2022-30607
This commit is contained in:
Scott Moore - IBM 2022-06-17 11:18:26 -04:00
parent b9c1590467
commit ad1e85f821
No known key found for this signature in database
GPG Key ID: 8E6C411D57F2D75C
2 changed files with 189 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

105
2022/22xxx/CVE-2022-22485.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-22485",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2022-06-16T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2022-22485",
"ASSIGNER" : "psirt@us.ibm.com"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "8.1.0.000"
},
{
"version_value" : "8.1.14.000"
}
]
},
"product_name" : "Spectrum Protect Server"
}
]
}
}
]
}
}
]
}
},
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "In some cases, an unsuccessful attempt to log into IBM Spectrum Protect Operations Center 8.1.0.000 through 8.1.14.000 does not cause the administrator's invalid sign-on count to be incremented on the IBM Spectrum Protect Server. An attacker could exploit this vulnerability using brute force techniques to gain unauthorized administrative access to the IBM Spectrum Protect Server. IBM X-Force ID: 226325.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "H",
"S" : "U",
"UI" : "N",
"AV" : "N",
"A" : "N",
"I" : "N",
"C" : "H",
"SCORE" : "5.900",
"PR" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6595655 (Spectrum Protect Server)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6595655",
"name" : "https://www.ibm.com/support/pages/node/6595655"
},
{
"name" : "ibm-spectrum-cve202222485-info-disc (226325)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/226325",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
}
}

114
2022/30xxx/CVE-2022-30607.json
View File

@ -1,18 +1,102 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-30607",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "IBM Robotic Process Automation 20.10.0, 20.12.5, 21.0.0, 21.0.1, and 21.0.2 contains a vulnerability that could allow a user to obtain sensitive information due to information properly masked in the control center UI. IBM X-Force ID: 227294.",
"lang" : "eng"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"PR" : "H",
"SCORE" : "2.700",
"C" : "L",
"AV" : "N",
"I" : "N",
"A" : "N",
"S" : "U",
"UI" : "N",
"AC" : "L"
}
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6595759 (Robotic Process Automation)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6595759",
"url" : "https://www.ibm.com/support/pages/node/6595759"
},
{
"name" : "ibm-rpa-cve202230607-info-disc (227294)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/227294",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2022-06-16T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2022-30607"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Robotic Process Automation",
"version" : {
"version_data" : [
{
"version_value" : "21.0.0"
},
{
"version_value" : "21.0.1"
},
{
"version_value" : "21.0.2"
},
{
"version_value" : "20.10.0"
},
{
"version_value" : "20.12.5"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
}
}