mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
parent
d724251d8c
commit
b0aae54821
@ -306,7 +306,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC-Software (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could\ncause a Denial-of-Service condition on the remote and local communication functionality of the\naffected products. A reboot of the system is required to recover the remote and local\ncommunication functionality.\n\nPlease note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC-Software (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). Specially crafted messages sent to the RPC service of the affected products could cause a Denial-of-Service condition on the remote and local communication functionality of the affected products. A reboot of the system is required to recover the remote and local communication functionality. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An\nattacker can gain remote code execution by sending specifically crafted\nobjects to one of its functions.\n\nPlease note that an attacker needs to have access to the Application Highway\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can gain remote code execution by sending specifically crafted objects to one of its functions. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An\nattacker can use methods exposed via this interface to receive password hashes\nof other users and to change user passwords.\n\nPlease note that an attacker needs to have access to the Application Highway\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change user passwords. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The RMI communication between the client and the Application Server is\nunencrypted. An attacker with access to the communication channel can\nread credentials of a valid user.\n\nPlease note that an attacker needs to have access to the Application Highway\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The RMI communication between the client and the Application Server is unencrypted. An attacker with access to the communication channel can read credentials of a valid user. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The Application Server exposes directory listings and files containing\nsensitive information.\n\nThis vulnerability is independent from CVE-2019-18287.\n\nPlease note that an attacker needs to have access to the Application Highway\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The Application Server exposes directory listings and files containing sensitive information. This vulnerability is independent from CVE-2019-18287. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The Application Server exposes directory listings and files containing\nsensitive information.\n\nThis vulnerability is independent from CVE-2019-18286.\n\nPlease note that an attacker needs to have access to the Application Highway\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). The Application Server exposes directory listings and files containing sensitive information. This vulnerability is independent from CVE-2019-18286. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with valid authentication at the RMI interface could be able to\ngain remote code execution through an unsecured file upload.\n\nPlease note that an attacker needs to have access to the Application Highway\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with valid authentication at the RMI interface could be able to gain remote code execution through an unsecured file upload. Please note that an attacker needs to have access to the Application Highway in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition and potentially gain remote code execution\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18293, CVE-2019-18295, and CVE-2019-18296.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18293, CVE-2019-18295, and CVE-2019-18296. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition and potentially gain remote code execution\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18289, CVE-2019-18295, and CVE-2019-18296.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18289, CVE-2019-18295, and CVE-2019-18296. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition and potentially gain remote code execution\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18289, CVE-2019-18293, and CVE-2019-18296.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18289, CVE-2019-18293, and CVE-2019-18296. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition and potentially gain remote code execution\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18289, CVE-2019-18293, and CVE-2019-18295.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18289, CVE-2019-18293, and CVE-2019-18295. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and low privileges could gain\nroot privileges\nby sending specifically crafted packets to a named pipe.\n\nPlease note that an attacker needs to have local access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and low privileges could gain root privileges by sending specifically crafted packets to a named pipe. Please note that an attacker needs to have local access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302,\nCVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18304, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18305, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18305, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18306, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18306, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, and CVE-2019-18307.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, and CVE-2019-18307. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294,\nCVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303,\nCVE-2019-18304, CVE-2019-18305, and CVE-2019-18306.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18290, CVE-2019-18291, CVE-2019-18292, CVE-2019-18294, CVE-2019-18298, CVE-2019-18299, CVE-2019-18300, CVE-2019-18301, CVE-2019-18302, CVE-2019-18303, CVE-2019-18304, CVE-2019-18305, and CVE-2019-18306. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could\ngain root privileges by manipulating specific files in the local file system.\n\nThis vulnerability is independent from CVE-2019-18309.\n\nPlease note that an attacker needs to have local access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from CVE-2019-18309. Please note that an attacker needs to have local access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could\ngain root privileges by manipulating specific files in the local file system.\n\nThis vulnerability is independent from CVE-2019-18308.\n\nPlease note that an attacker needs to have local access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with local access to the MS3000 Server and a low privileged user account could gain root privileges by manipulating specific files in the local file system. This vulnerability is independent from CVE-2019-18308. Please note that an attacker needs to have local access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 7061/tcp.\n\nThis vulnerability is independent from CVE-2019-18311.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This vulnerability is independent from CVE-2019-18311. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a\nDenial-of-Service condition\nby sending specifically crafted packets to port 7061/tcp.\n\nThis vulnerability is independent from CVE-2019-18310.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could trigger a Denial-of-Service condition by sending specifically crafted packets to port 7061/tcp. This vulnerability is independent from CVE-2019-18310. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to enumerate running\nRPC services.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to enumerate running RPC services. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could gain remote code\nexecution\nby sending specifically crafted objects to one of the RPC services.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could gain remote code execution by sending specifically crafted objects to one of the RPC services. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain\nremote code execution\nby sending specifically crafted objects via RMI.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted objects via RMI. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain\nremote code execution\nby sending specifically crafted packets to 8888/tcp.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted packets to 8888/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain\nremote code execution\nby sending specifically crafted packets to 1099/tcp.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain remote code execution by sending specifically crafted packets to 1099/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause\na Denial-of-Service condition\nby sending specifically crafted objects via RMI.\n\nThis vulnerability is independent from CVE-2019-18318 and CVE-2019-18319.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18318 and CVE-2019-18319. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server can cause\na Denial-of-Service condition\nby sending specifically crafted objects via RMI.\n\nThis vulnerability is independent from CVE-2019-18317 and CVE-2019-18319.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server can cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18317 and CVE-2019-18319. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause\na Denial-of-Service condition\nby sending specifically crafted objects via RMI.\n\nThis vulnerability is independent from CVE-2019-18317 and CVE-2019-18318.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could cause a Denial-of-Service condition by sending specifically crafted objects via RMI. This vulnerability is independent from CVE-2019-18317 and CVE-2019-18318. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to upload\narbitrary files without authentication.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to upload arbitrary files without authentication. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18322.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18322. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system\nby sending specifically crafted packets to port 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18321.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could be able to read and write arbitrary files on the local file system by sending specifically crafted packets to port 5010/tcp. This vulnerability is independent from CVE-2019-18321. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could cause a Denial-of-Service\ncondition and potentially gain remote code execution\nby sending specifically crafted packets to 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service\ncondition and potentially gain remote code execution\nby sending specifically crafted packets to 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18323, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service\ncondition and potentially gain remote code execution\nby sending specifically crafted packets to 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service\ncondition and potentially gain remote code execution\nby sending specifically crafted packets to 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18327, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service\ncondition and potentially gain remote code execution\nby sending specifically crafted packets to 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18328, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service\ncondition and potentially gain remote code execution\nby sending specifically crafted packets to 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18329, and CVE-2019-18330.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18329, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service\ncondition and potentially gain remote code execution\nby sending specifically crafted packets to 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, and CVE-2019-18330.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server can cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, and CVE-2019-18330. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could cause a Denial-of-Service\ncondition and potentially gain remote code execution\nby sending specifically crafted packets to 5010/tcp.\n\nThis vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, and CVE-2019-18329.\n\nPlease note that an attacker needs to have network access to the MS3000\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 MS3000 Migration Server (All versions). An attacker with network access to the MS3000 Server could cause a Denial-of-Service condition and potentially gain remote code execution by sending specifically crafted packets to 5010/tcp. This vulnerability is independent from CVE-2019-18323, CVE-2019-18324, CVE-2019-18325, CVE-2019-18326, CVE-2019-18327, CVE-2019-18328, and CVE-2019-18329. Please note that an attacker needs to have network access to the MS3000 in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access\nto path and filenames on the server\nby sending specifically crafted packets to 1099/tcp.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to path and filenames on the server by sending specifically crafted packets to 1099/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access\nto directory listings of the server\nby sending specifically crafted packets to 80/tcp, 8095/tcp or 8080/tcp.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to directory listings of the server by sending specifically crafted packets to 80/tcp, 8095/tcp or 8080/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access\nto filenames on the server\nby sending specifically crafted packets to 8090/tcp.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could gain access to filenames on the server by sending specifically crafted packets to 8090/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to enumerate valid user names\nby sending specifically crafted packets to 8090/tcp.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to enumerate valid user names by sending specifically crafted packets to 8090/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -46,7 +46,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to gain access\nto logs and configuration files\nby sending specifically crafted packets to 80/tcp.\n\nPlease note that an attacker needs to have network access to the Application Server\nin order to exploit this vulnerability.\n\nAt the time of advisory publication no public exploitation of this security\nvulnerability was known."
|
||||
"value": "A vulnerability has been identified in SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2). An attacker with network access to the Application Server could be able to gain access to logs and configuration files by sending specifically crafted packets to 80/tcp. Please note that an attacker needs to have network access to the Application Server in order to exploit this vulnerability. At the time of advisory publication no public exploitation of this security vulnerability was known."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
@ -1,18 +1,77 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@documentfoundation.org",
|
||||
"ID": "CVE-2021-25636",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Incorrect trust validation of signature with ambiguous KeyInfo children"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "LibreOffice",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "7.2",
|
||||
"version_value": "7.2.5"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "The Document Foundation"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"credit": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Thanks to NDS of Ruhr University Bochum for discovering and reporting this problem."
|
||||
}
|
||||
],
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "LibreOffice supports digital signatures of ODF documents and macros within documents, presenting visual aids that no alteration of the document occurred since the last signing and that the signature is valid. An Improper Certificate Validation vulnerability in LibreOffice allowed an attacker to create a digitally signed ODF document, by manipulating the documentsignatures.xml or macrosignatures.xml stream within the document to contain both \"X509Data\" and \"KeyValue\" children of the \"KeyInfo\" tag, which when opened caused LibreOffice to verify using the \"KeyValue\" but to report verification with the unrelated \"X509Data\" value. This issue affects: The Document Foundation LibreOffice 7.2 versions prior to 7.2.5."
|
||||
}
|
||||
]
|
||||
},
|
||||
"generator": {
|
||||
"engine": "Vulnogram 0.0.9"
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-347 Improper Verification of Cryptographic Signature"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"url": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/",
|
||||
"name": "https://www.libreoffice.org/about-us/security/advisories/CVE-2021-25636/"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
}
|
@ -66,6 +66,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220217-0016/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220217-0016/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf",
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -66,6 +66,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220217-0012/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220217-0012/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf",
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -66,6 +66,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220216-0008/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220216-0008/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf",
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -61,6 +61,11 @@
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://security.netapp.com/advisory/ntap-20220217-0013/",
|
||||
"url": "https://security.netapp.com/advisory/ntap-20220217-0013/"
|
||||
},
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf",
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-306654.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -53,8 +53,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf"
|
||||
"refsource": "MISC",
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -53,8 +53,9 @@
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf"
|
||||
"refsource": "MISC",
|
||||
"url": "https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf",
|
||||
"name": "https://cert-portal.siemens.com/productcert/pdf/ssa-949188.pdf"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
@ -1,89 +1,89 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@huntr.dev",
|
||||
"ID": "CVE-2022-0676",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Heap-based Buffer Overflow in radareorg/radare2"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "radareorg/radare2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_value": "5.6.4"
|
||||
}
|
||||
]
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@huntr.dev",
|
||||
"ID": "CVE-2022-0676",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Heap-based Buffer Overflow in radareorg/radare2"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "radareorg/radare2",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_value": "5.6.4"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "radareorg"
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "radareorg"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4."
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||
"version": "3.0"
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-122 Heap-based Buffer Overflow"
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Heap-based Buffer Overflow in NPM radare2.js prior to 5.6.4."
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"name": "https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485"
|
||||
},
|
||||
{
|
||||
"name": "https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "5ad814a1-5dd3-43f4-869b-33b8dab78485",
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
}
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "LOCAL",
|
||||
"availabilityImpact": "HIGH",
|
||||
"baseScore": 7.8,
|
||||
"baseSeverity": "HIGH",
|
||||
"confidentialityImpact": "HIGH",
|
||||
"integrityImpact": "HIGH",
|
||||
"privilegesRequired": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "REQUIRED",
|
||||
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||||
"version": "3.0"
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-122 Heap-based Buffer Overflow"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"name": "https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://huntr.dev/bounties/5ad814a1-5dd3-43f4-869b-33b8dab78485"
|
||||
},
|
||||
{
|
||||
"name": "https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/radareorg/radare2/commit/c84b7232626badd075caf3ae29661b609164bac6"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "5ad814a1-5dd3-43f4-869b-33b8dab78485",
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
}
|
18
2022/0xxx/CVE-2022-0730.json
Normal file
18
2022/0xxx/CVE-2022-0730.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-0730",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
@ -1,89 +1,18 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ASSIGNER": "security@huntr.dev",
|
||||
"ID": "CVE-2022-0731",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Improper Access Control (IDOR) in dolibarr/dolibarr"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "dolibarr/dolibarr",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_value": "16.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "dolibarr"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Improper Access Control (IDOR) in GitHub repository dolibarr/dolibarr prior to 16.0."
|
||||
}
|
||||
]
|
||||
},
|
||||
"impact": {
|
||||
"cvss": {
|
||||
"attackComplexity": "LOW",
|
||||
"attackVector": "NETWORK",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 5.4,
|
||||
"baseSeverity": "MEDIUM",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"scope": "UNCHANGED",
|
||||
"userInteraction": "NONE",
|
||||
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N",
|
||||
"version": "3.0"
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "CWE-284 Improper Access Control"
|
||||
}
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-0731",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"name": "https://huntr.dev/bounties/e242ab4e-fc70-4b2c-a42d-5b3ee4895de8",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://huntr.dev/bounties/e242ab4e-fc70-4b2c-a42d-5b3ee4895de8"
|
||||
},
|
||||
{
|
||||
"name": "https://github.com/dolibarr/dolibarr/commit/209ab708d4b65fbd88ba4340d60b7822cb72651a",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/dolibarr/dolibarr/commit/209ab708d4b65fbd88ba4340d60b7822cb72651a"
|
||||
}
|
||||
]
|
||||
},
|
||||
"source": {
|
||||
"advisory": "e242ab4e-fc70-4b2c-a42d-5b3ee4895de8",
|
||||
"discovery": "EXTERNAL"
|
||||
}
|
||||
}
|
||||
}
|
18
2022/21xxx/CVE-2022-21182.json
Normal file
18
2022/21xxx/CVE-2022-21182.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-21182",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
18
2022/21xxx/CVE-2022-21209.json
Normal file
18
2022/21xxx/CVE-2022-21209.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-21209",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
@ -4,14 +4,63 @@
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-23043",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ASSIGNER": "help@fluidattacks.com",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "n/a",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "Zenario CMS",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "9.2"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Insecure file upload (RCE)"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://fluidattacks.com/advisories/simone/",
|
||||
"url": "https://fluidattacks.com/advisories/simone/"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://github.com/TribalSystems/Zenario/releases/tag/9.2.55826",
|
||||
"url": "https://github.com/TribalSystems/Zenario/releases/tag/9.2.55826"
|
||||
}
|
||||
]
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Zenario CMS 9.2 allows an authenticated admin user to bypass the file upload restriction by creating a new 'File/MIME Types' using the '.phar' extension. Then an attacker can upload a malicious file, intercept the request and change the extension to '.phar' in order to run commands on the server."
|
||||
}
|
||||
]
|
||||
}
|
||||
|
18
2022/23xxx/CVE-2022-23985.json
Normal file
18
2022/23xxx/CVE-2022-23985.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-23985",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
18
2022/24xxx/CVE-2022-24910.json
Normal file
18
2022/24xxx/CVE-2022-24910.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-24910",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
18
2022/25xxx/CVE-2022-25170.json
Normal file
18
2022/25xxx/CVE-2022-25170.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-25170",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
18
2022/25xxx/CVE-2022-25172.json
Normal file
18
2022/25xxx/CVE-2022-25172.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-25172",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
18
2022/25xxx/CVE-2022-25762.json
Normal file
18
2022/25xxx/CVE-2022-25762.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-25762",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
18
2022/25xxx/CVE-2022-25763.json
Normal file
18
2022/25xxx/CVE-2022-25763.json
Normal file
@ -0,0 +1,18 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-25763",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user