admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-merge PR#2113

Browse Source 
Auto-merge PR#2113
This commit is contained in:
CVE Team 2021-06-28 11:55:33 -04:00 committed by GitHub
commit be66079ee6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 439 additions and 60 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
2021/20xxx/CVE-2021-20413.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20413",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Guardium Data Encryption (GDE) 4.0.0.4 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196212."
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6444037 (Guardium Data Encryption)",
"url" : "https://www.ibm.com/support/pages/node/6444037",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6444037"
},
{
"name" : "ibm-gde-cve202120413-info-disc (196212)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196212",
"title" : "X-Force Vulnerability Report"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"A" : "N",
"AC" : "L",
"I" : "N",
"PR" : "L",
"AV" : "N",
"S" : "U",
"UI" : "N",
"SCORE" : "4.300",
"C" : "L"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "4.0.0.4"
}
]
},
"product_name" : "Guardium Data Encryption"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"data_version" : "4.0",
"data_format" : "MITRE",
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-06-25T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-20413",
"STATE" : "PUBLIC"
}
}

115
2021/29xxx/CVE-2021-29693.json
View File

@ -1,18 +1,103 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29693",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6467129",
"url" : "https://www.ibm.com/support/pages/node/6467129",
"title" : "IBM Security Bulletin 6467129 (AIX)"
},
{
"name" : "ibm-aix-cve202129693-dos (200255)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/200255"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"A" : "H",
"I" : "N",
"PR" : "H",
"AV" : "N",
"UI" : "N",
"S" : "U",
"SCORE" : "4.900",
"C" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
]
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user that is in the with elevated group privileges to cause a denial of service due to a vulnerability in the lpd daemon. IBM X-Force ID: 200255.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "3.1"
}
]
},
"product_name" : "VIOS "
},
{
"version" : {
"version_data" : [
{
"version_value" : "7.1"
},
{
"version_value" : "7.2"
}
]
},
"product_name" : "AIX"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-29693",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-06-25T00:00:00"
}
}

140
2021/29xxx/CVE-2021-29751.json
View File

@ -1,18 +1,128 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29751",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2021-29751",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2021-06-25T00:00:00"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Business Process Manager",
"version" : {
"version_data" : [
{
"version_value" : "8.5"
},
{
"version_value" : "8.6"
}
]
}
},
{
"version" : {
"version_data" : [
{
"version_value" : "18.0"
},
{
"version_value" : "19.0"
},
{
"version_value" : "20.0"
}
]
},
"product_name" : "Business Automation Workflow"
},
{
"version" : {
"version_data" : [
{
"version_value" : "20.0.3.IF002"
},
{
"version_value" : "21.0.1"
}
]
},
"product_name" : "Cloud Pak for Automation"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"data_version" : "4.0",
"data_format" : "MITRE",
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM Business Process Manager 8.5 and 8.6 could allow an authenticated user to obtain sensitive information about another user under nondefault configurations. IBM X-Force ID: 201779."
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6465127",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6465127",
"title" : "IBM Security Bulletin 6465127 (Cloud Pak for Automation)"
},
{
"title" : "IBM Security Bulletin 6467055 (Business Automation Workflow)",
"url" : "https://www.ibm.com/support/pages/node/6467055",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6467055"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/201779",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-baw-cve202129751-info-disc (201779)",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "3.100",
"C" : "L",
"UI" : "N",
"S" : "U",
"AV" : "N",
"PR" : "L",
"I" : "N",
"AC" : "H",
"A" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
}
}

142
2021/29xxx/CVE-2021-29775.json
View File

@ -1,18 +1,130 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29775",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Business Automation Workflow",
"version" : {
"version_data" : [
{
"version_value" : "18.0.0.0"
},
{
"version_value" : "18.0.0.1"
},
{
"version_value" : "18.0.0.2"
},
{
"version_value" : "19.0.0.1"
},
{
"version_value" : "19.0.0.2"
},
{
"version_value" : "19.0.0.3"
},
{
"version_value" : "20.0.0.1"
},
{
"version_value" : "20.0.0.2"
}
]
}
},
{
"product_name" : "Cloud Pak for Automation",
"version" : {
"version_data" : [
{
"version_value" : "20.0.3.IF002"
},
{
"version_value" : "21.0.1"
}
]
}
}
]
}
}
]
}
}
]
}
},
"data_version" : "4.0",
"data_format" : "MITRE",
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"value" : "IBM Business Automation Workflow\t 19.0.03 and 20.0 and IBM Cloud Pak for Automation 20.0.3-IF002 and 21.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203029.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6465127 (Cloud Pak for Automation)",
"url" : "https://www.ibm.com/support/pages/node/6465127",
"name" : "https://www.ibm.com/support/pages/node/6465127",
"refsource" : "CONFIRM"
},
{
"name" : "https://www.ibm.com/support/pages/node/6467057",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6467057",
"title" : "IBM Security Bulletin 6467057 (Business Automation Workflow)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/203029",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"name" : "ibm-bpm-cve202129775-xss (203029)"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"C" : "L",
"SCORE" : "6.400",
"UI" : "N",
"S" : "C",
"AC" : "L",
"A" : "N",
"PR" : "L",
"I" : "L"
},
"TM" : {
"E" : "H",
"RL" : "O",
"RC" : "C"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-06-25T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2021-29775",
"ASSIGNER" : "psirt@us.ibm.com"
}
}