admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-09-20 02:00:46 +00:00
parent aa5c6c30af
commit c7cbe5719a
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
2 changed files with 74 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

70
2022/34xxx/CVE-2022-34746.json
View File

@ -1 +1,69 @@
{"data_type":"CVE","data_format":"MITRE","data_version":"4.0","CVE_data_meta":{"ASSIGNER":"PSIRT@zyxel.com.tw","ID":"CVE-2022-34746"},"affects":{"vendor":{"vendor_data":[{"vendor_name":"Zyxel","product":{"product_data":[{"product_name":"Zyxel GS1900 series firmware","version":{"version_data":[{"version_value":"< V2.70"}]}}]}}]}},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"CWE-331: Insufficient Entropy"}]}]},"references":{"reference_data":[{"refsource":"CONFIRM","name":"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-insufficient-entropy-vulnerability-of-gs1900-series-switches","url":"https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-insufficient-entropy-vulnerability-of-gs1900-series-switches"}]},"impact":{"cvss":{"baseScore":"5.9","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N","version":"3.1"}},"description":{"description_data":[{"lang":"eng","value":"An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring the RSA modulus N in the certificate of the web administration interface."}]}}
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@zyxel.com.tw",
"ID": "CVE-2022-34746",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Zyxel",
"product": {
"product_data": [
{
"product_name": "Zyxel GS1900 series firmware",
"version": {
"version_data": [
{
"version_value": "< V2.70"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-331: Insufficient Entropy"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-insufficient-entropy-vulnerability-of-gs1900-series-switches",
"url": "https://www.zyxel.com/global/en/support/security-advisories/zyxel-security-advisory-for-insufficient-entropy-vulnerability-of-gs1900-series-switches"
}
]
},
"impact": {
"cvss": {
"baseScore": "5.9",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "An insufficient entropy vulnerability caused by the improper use of randomness sources with low entropy for RSA key pair generation was found in Zyxel GS1900 series firmware versions prior to V2.70. This vulnerability could allow an unauthenticated attacker to retrieve a private key by factoring the RSA modulus N in the certificate of the web administration interface."
}
]
}
}

5
2022/3xxx/CVE-2022-3123.json
View File

@ -79,6 +79,11 @@
"name": "https://github.com/splitbrain/dokuwiki/commit/63e9a247c072008a031f9db39fa496f6aca489b6",
"refsource": "MISC",
"url": "https://github.com/splitbrain/dokuwiki/commit/63e9a247c072008a031f9db39fa496f6aca489b6"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2022-fd641dbf35",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LLNV7GYZPGLIKBLISVQUREQXE3WHI5R2/"
}
]
},