diff --git a/2018/12xxx/CVE-2018-12700.json b/2018/12xxx/CVE-2018-12700.json
index b0991d57b07..4f26933c5a9 100644
--- a/2018/12xxx/CVE-2018-12700.json
+++ b/2018/12xxx/CVE-2018-12700.json
@@ -1,91 +1,17 @@
 {
- "CVE_data_meta": {
- "ASSIGNER": "cve@mitre.org",
- "ID": "CVE-2018-12700",
- "STATE": "PUBLIC"
- },
- "affects": {
- "vendor": {
- "vendor_data": [
- {
- "product": {
- "product_data": [
- {
- "product_name": "n/a",
- "version": {
- "version_data": [
- {
- "version_value": "n/a"
- }
- ]
- }
- }
- ]
- },
- "vendor_name": "n/a"
- }
- ]
- }
- },
- "data_format": "MITRE",
 "data_type": "CVE",
+ "data_format": "MITRE",
 "data_version": "4.0",
+ "CVE_data_meta": {
+ "ID": "CVE-2018-12700",
+ "ASSIGNER": "cve@mitre.org",
+ "STATE": "REJECT"
+ },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion."
- }
- ]
- },
- "problemtype": {
- "problemtype_data": [
- {
- "description": [
- {
- "lang": "eng",
- "value": "n/a"
- }
- ]
- }
- ]
- },
- "references": {
- "reference_data": [
- {
- "name": "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102",
- "refsource": "MISC",
- "url": "https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1763102"
- },
- {
- "name": "104541",
- "refsource": "BID",
- "url": "http://www.securityfocus.com/bid/104541"
- },
- {
- "name": "https://sourceware.org/bugzilla/show_bug.cgi?id=23057",
- "refsource": "MISC",
- "url": "https://sourceware.org/bugzilla/show_bug.cgi?id=23057"
- },
- {
- "name": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454",
- "refsource": "MISC",
- "url": "https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85454"
- },
- {
- "refsource": "GENTOO",
- "name": "GLSA-201908-01",
- "url": "https://security.gentoo.org/glsa/201908-01"
- },
- {
- "refsource": "UBUNTU",
- "name": "USN-4336-1",
- "url": "https://usn.ubuntu.com/4336-1/"
- },
- {
- "refsource": "MLIST",
- "name": "[oss-security] 20211223 binutils: Stack-overflow in debug_write_type in debug.c",
- "url": "http://www.openwall.com/lists/oss-security/2021/12/23/1"
+ "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none."
 }
 ]
 }
diff --git a/2020/12xxx/CVE-2020-12980.json b/2020/12xxx/CVE-2020-12980.json
index e4b2a596e7f..3c1da4cc366 100644
--- a/2020/12xxx/CVE-2020-12980.json
+++ b/2020/12xxx/CVE-2020-12980.json
@@ -1,18 +1,77 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "psirt@amd.com",
+ "DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
 "ID": "CVE-2020-12980",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "REJECT"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "AMD Radeon Software ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Software",
+ "version_value": "20.7.1"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Pro Software for Enterprise ",
+ "version_value": "21.Q2 "
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "AMD"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none."
+ "value": "An out of bounds write and read vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "NA"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
+ "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "AMD-SB-1000",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/12xxx/CVE-2020-12981.json b/2020/12xxx/CVE-2020-12981.json
index 9dbf1507cca..a1c3e6e8e47 100644
--- a/2020/12xxx/CVE-2020-12981.json
+++ b/2020/12xxx/CVE-2020-12981.json
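Review bot: Several affected-product strings in the new record carry trailing whitespace: `"product_name": "AMD Radeon Software "`, `"version_name": "Radeon Pro Software for Enterprise "` and `"version_value": "21.Q2 "`. Scanners and asset-matching tools that compare these fields as exact strings can miss an affected install, so they should be trimmed, e.g. `"version_value": "21.Q2"`. The `problemtype` value is also the placeholder `"NA"` although the description names an out-of-bounds write and read, which would map to CWE-787 and CWE-125. The same untrimmed strings and `"NA"` problemtype recur in the hunks for CVE-2020-12981, -12982, -12983, -12985, -12986 and -12987, each of which needs the CWE that fits its own description.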
@@ -1,18 +1,77 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "psirt@amd.com",
+ "DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
 "ID": "CVE-2020-12981",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "REJECT"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "AMD Radeon Software ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Software",
+ "version_value": "20.7.1"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Pro Software for Enterprise ",
+ "version_value": "21.Q2 "
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "AMD"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none."
+ "value": "An insufficient input validation in the AMD Graphics Driver for Windows 10 may allow unprivileged users to unload the driver, potentially causing memory corruptions in high privileged processes, which can lead to escalation of privileges or denial of service."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "NA"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
+ "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "AMD-SB-1000",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/12xxx/CVE-2020-12982.json b/2020/12xxx/CVE-2020-12982.json
index 15d920fb548..e487bca9231 100644
--- a/2020/12xxx/CVE-2020-12982.json
+++ b/2020/12xxx/CVE-2020-12982.json
@@ -1,18 +1,77 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "psirt@amd.com",
+ "DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
 "ID": "CVE-2020-12982",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "REJECT"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "AMD Radeon Software ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Software",
+ "version_value": "20.7.1"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Pro Software for Enterprise ",
+ "version_value": "21.Q2 "
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "AMD"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none."
+ "value": "An invalid object pointer free vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "NA"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
+ "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "AMD-SB-1000",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/12xxx/CVE-2020-12983.json b/2020/12xxx/CVE-2020-12983.json
index d112698fd27..b5df931b1dc 100644
--- a/2020/12xxx/CVE-2020-12983.json
+++ b/2020/12xxx/CVE-2020-12983.json
@@ -1,18 +1,77 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "psirt@amd.com",
+ "DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
 "ID": "CVE-2020-12983",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "REJECT"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "AMD Radeon Software ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Software",
+ "version_value": "20.7.1"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Pro Software for Enterprise ",
+ "version_value": "21.Q2 "
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "AMD"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none."
+ "value": "An out of bounds write vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privileges or denial of service."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "NA"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
+ "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "AMD-SB-1000",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/12xxx/CVE-2020-12985.json b/2020/12xxx/CVE-2020-12985.json
index 1cea3566b78..7b052de0a7f 100644
--- a/2020/12xxx/CVE-2020-12985.json
+++ b/2020/12xxx/CVE-2020-12985.json
@@ -1,18 +1,77 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "psirt@amd.com",
+ "DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
 "ID": "CVE-2020-12985",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "REJECT"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "AMD Radeon Software ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Software",
+ "version_value": "20.7.1"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Pro Software for Enterprise ",
+ "version_value": "21.Q2 "
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "AMD"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none."
+ "value": "An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may lead to escalation of privilege or denial of service."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "NA"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
+ "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "AMD-SB-1000",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/12xxx/CVE-2020-12986.json b/2020/12xxx/CVE-2020-12986.json
index 6b6e55b2212..0fa543336d0 100644
--- a/2020/12xxx/CVE-2020-12986.json
+++ b/2020/12xxx/CVE-2020-12986.json
@@ -1,18 +1,77 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "psirt@amd.com",
+ "DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
 "ID": "CVE-2020-12986",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "REJECT"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "AMD Radeon Software ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Software",
+ "version_value": "20.7.1"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Pro Software for Enterprise ",
+ "version_value": "21.Q2 "
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "AMD"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none."
+ "value": "An insufficient pointer validation vulnerability in the AMD Graphics Driver for Windows 10 may cause arbitrary code execution in the kernel, leading to escalation of privilege or denial of service."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "NA"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
+ "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "AMD-SB-1000",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2020/12xxx/CVE-2020-12987.json b/2020/12xxx/CVE-2020-12987.json
index 8913ae5eac2..25d989ee5fa 100644
--- a/2020/12xxx/CVE-2020-12987.json
+++ b/2020/12xxx/CVE-2020-12987.json
@@ -1,18 +1,77 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "psirt@amd.com",
+ "DATE_PUBLIC": "2021-11-09T20:00:00.000Z",
 "ID": "CVE-2020-12987",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "REJECT"
+ "STATE": "PUBLIC"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "AMD Radeon Software ",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Software",
+ "version_value": "20.7.1"
+ },
+ {
+ "version_affected": "<",
+ "version_name": "Radeon Pro Software for Enterprise ",
+ "version_value": "21.Q2 "
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "AMD"
+ }
+ ]
+ }
+ },
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none."
+ "value": "A heap information leak/kernel pool address disclosure vulnerability in the AMD Graphics Driver for Windows 10 may lead to KASLR bypass."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "NA"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000",
+ "name": "https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1000"
+ }
+ ]
+ },
+ "source": {
+ "advisory": "AMD-SB-1000",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2021/21xxx/CVE-2021-21750.json b/2021/21xxx/CVE-2021-21750.json
index 82cd6c7ea23..736c60082da 100644
--- a/2021/21xxx/CVE-2021-21750.json
+++ b/2021/21xxx/CVE-2021-21750.json
@@ -4,14 +4,58 @@
 "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2021-21750",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@zte.com.cn",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "n/a",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "ZXIN10 CMS",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "All versions up to ZXOMS-BIGDATA-IOPSWEBV3.01.01.04"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "privilege escalation"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1021884",
+ "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1021884"
+ }
+ ]
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "ZTE BigVideo Analysis product has a privilege escalation vulnerability. Due to improper management of the timed task modification privilege, an attacker with ordinary user permissions could exploit this vulnerability to gain unauthorized access."
 }
 ]
 }
diff --git a/2021/21xxx/CVE-2021-21751.json b/2021/21xxx/CVE-2021-21751.json
index 3b49f9b1631..84d0331efa1 100644
--- a/2021/21xxx/CVE-2021-21751.json
+++ b/2021/21xxx/CVE-2021-21751.json
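Review bot: `"vendor_name": "n/a"` leaves the vendor unset even though the assigner is `psirt@zte.com.cn` and the description names ZTE, so vendor-keyed lookups will not return this record; `"vendor_name": "ZTE"` would fix that. The affected product is also given as `"product_name": "ZXIN10 CMS"` while the description speaks of the "ZTE BigVideo Analysis product"; if these are the same product the record should say so, otherwise one of the two is likely wrong. The hunk for CVE-2021-21751 repeats both points, and the CVE-2021-23244 hunk has the same `"vendor_name": "n/a"` next to an OPPO assigner address.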
@@ -4,14 +4,58 @@
 "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2021-21751",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "psirt@zte.com.cn",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "n/a",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "ZXIN10 CMS",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "All versions up to ZXOMS-BIGDATA-IOPSWEBV3.01.01.04"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "input verification"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1021884",
+ "url": "https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1021884"
+ }
+ ]
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "ZTE BigVideo analysis product has an input verification vulnerability. Due to the inconsistency between the front and back verifications when configuring the large screen page, an attacker with high privileges could exploit this vulnerability to tamper with the URL and cause service exception."
 }
 ]
 }
diff --git a/2021/23xxx/CVE-2021-23244.json b/2021/23xxx/CVE-2021-23244.json
index 872a67e1913..6d64414051d 100644
--- a/2021/23xxx/CVE-2021-23244.json
+++ b/2021/23xxx/CVE-2021-23244.json
@@ -4,14 +4,58 @@
 "data_version": "4.0",
 "CVE_data_meta": {
 "ID": "CVE-2021-23244",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "ASSIGNER": "security@oppo.com",
+ "STATE": "PUBLIC"
+ },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "vendor_name": "n/a",
+ "product": {
+ "product_data": [
+ {
+ "product_name": "OPPO Android Phone",
+ "version": {
+ "version_data": [
+ {
+ "version_value": "OPPO Mobile phones with ColorOS 11 version"
+ }
+ ]
+ }
+ }
+ ]
+ }
+ }
+ ]
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "Elevation of privilege"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "name": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976",
+ "url": "https://security.oppo.com/en/noticeDetail?notice_only_key=NOTICE-1474214753353342976"
+ }
+ ]
 },
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "ColorOS pregrant dangerous permissions to apps which are listed in a whitelist xml named default-grant-permissions.But some apps in whitelist is not installed, attacker can disguise app with the same package name to obtain dangerous permission."
 }
 ]
 }
diff --git a/2021/32xxx/CVE-2021-32993.json b/2021/32xxx/CVE-2021-32993.json
index 01721461f09..2a8c5c2c157 100644
--- a/2021/32xxx/CVE-2021-32993.json
+++ b/2021/32xxx/CVE-2021-32993.json
@@ -1,18 +1,110 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "DATE_PUBLIC": "2021-11-18T15:34:00.000Z",
 "ID": "CVE-2021-32993",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC",
+ "TITLE": "Philips IntelliBridge EC 40 and EC 80 Hub Use of Hard-coded Credentials"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "IntelliBridge EC 40 Hub",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_value": "C.00.04"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IntelliBridge EC 80 Hub",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_value": "C.00.04"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Philips"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) contains hard-coded credentials, such as a password or a cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "ADJACENT_NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 8.1,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-798 Use of Hard-coded Credentials"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-01",
+ "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-01"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng"
+ }
+ ],
+ "source": {
+ "advisory": "ICSMA-21-322-01",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2021/33xxx/CVE-2021-33017.json b/2021/33xxx/CVE-2021-33017.json
index b37d3fc5c9f..d78b250a59d 100644
--- a/2021/33xxx/CVE-2021-33017.json
+++ b/2021/33xxx/CVE-2021-33017.json
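Review bot: The description names "IntelliBridge EC 40 and 60 Hub" while `TITLE` and both `product_name` entries say EC 40 and EC 80, so the prose and the structured data disagree about which hub is affected; the description most likely should read `EC 40 and EC 80 Hub`, to be confirmed against ICSMA-21-322-01. The `solution` entry is `{ "lang": "eng" }` with no `value`, so the record publishes an empty remediation; either add the vendor's mitigation text or drop the `solution` array. The CVE-2021-33017 hunk has both problems in the same places.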
@@ -1,18 +1,110 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "DATE_PUBLIC": "2021-11-18T15:34:00.000Z",
 "ID": "CVE-2021-33017",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC",
+ "TITLE": "Philips IntelliBridge EC 40 and EC 80 Hub Authentication Bypass Using an Alternate Path or Channel"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "IntelliBridge EC 40 Hub",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_value": "C.00.04"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "IntelliBridge EC 80 Hub",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_value": "C.00.04"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Philips"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The standard access path of the IntelliBridge EC 40 and 60 Hub (C.00.04 and prior) requires authentication, but the product has an alternate path or channel that does not require authentication."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "ADJACENT_NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 8.1,
+ "baseSeverity": "HIGH",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-288 Authentication Bypass Using an Alternate Path or Channel"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-01",
+ "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-01"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng"
+ }
+ ],
+ "source": {
+ "advisory": "ICSMA-21-322-01",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2021/35xxx/CVE-2021-35232.json b/2021/35xxx/CVE-2021-35232.json
index 1f214fcb4f8..55e92f78448 100644
--- a/2021/35xxx/CVE-2021-35232.json
+++ b/2021/35xxx/CVE-2021-35232.json
@@ -1,18 +1,108 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "psirt@solarwinds.com",
+ "DATE_PUBLIC": "2021-12-22T15:45:00.000Z",
 "ID": "CVE-2021-35232",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC",
+ "TITLE": "Hard credentials discovered in SolarWinds Web Help Desk which allows to execute Arbitrary Hibernate Queries"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Web Help Desk",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "12.7.7 and previous versions",
+ "version_value": "12.7.7 HF 1 "
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "SolarWinds"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Shabhum Shah "
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Hard coded credentials discovered in SolarWinds Web Help Desk product. Through these credentials, the attacker with local access to the Web Help Desk host machine allows to execute arbitrary HQL queries against the database and leverage the vulnerability to steal the password hashes of the users or insert arbitrary data into the database."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "LOCAL",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.8,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35232",
+ "name": "https://www.solarwinds.com/trust-center/security-advisories/CVE-2021-35232"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-7-Hotfix-1-Release-Notes?language=en_US",
+ "name": "https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-7-Hotfix-1-Release-Notes?language=en_US"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng",
+ "value": "SolarWinds advises the customers to upgrade to the latest Web Help Desk 12.7.7 Hotfix 1 product release once it becomes generally available."
+ }
+ ],
+ "source": {
+ "defect": [
+ "CVE-2021-35232"
+ ],
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2021/35xxx/CVE-2021-35243.json b/2021/35xxx/CVE-2021-35243.json
index 189b5fe0762..215ca1cdc87 100644
--- a/2021/35xxx/CVE-2021-35243.json
+++ b/2021/35xxx/CVE-2021-35243.json
@@ -18,8 +18,8 @@
 "version_data": [
 {
 "version_affected": "=",
- "version_name": "12.7.6 and earlier",
- "version_value": " "
+ "version_name": "12.7.7 and previous versions ",
+ "version_value": " 12.7.7 HF1 "
 }
 ]
 }
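Review bot: `problemtype` in the CVE-2021-35232 record is set to `CWE-200: Exposure of Sensitive Information to an Unauthorized Actor`, but the title and description name hard-coded credentials as the flaw, with data exposure as its consequence. Classifying by root cause would give `"value": "CWE-798 Use of Hard-coded Credentials"`, optionally keeping CWE-200 as a second `description` entry, so that weakness-based filtering finds the record. `"version_value": "12.7.7 HF 1 "` and the credit `"Shabhum Shah "` also carry trailing spaces, and the hotfix is spelled `HF 1` here but `HF1` in CVE-2021-35243; one normalised spelling would help version matching.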
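Review bot: With the unchanged `"version_affected": "="`, the new `"version_value": " 12.7.7 HF1 "` in CVE-2021-35243 states that the affected release is exactly 12.7.7 HF1, which is the fix named in the record's `solution` field, while the description says 12.7.7 and earlier are affected. The entry likely should be `"version_affected": "<"` with `"version_value": "12.7.7 HF1"`, matching the form used in CVE-2021-35232. The leading and trailing spaces in `version_name` and `version_value` should go as well, since they defeat exact-match comparison. The enclosing `product` object starts outside this hunk.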
@@ -38,7 +38,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.6 and earlier), allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload data that is saved on the server with a user-supplied URL. While the DELETE method requests that the origin server removes the association between the target resource and its current functionality. Improper use of these methods may lead to a loss of integrity."
+ "value": "The HTTP PUT and DELETE methods were enabled in the Web Help Desk web server (12.7.7 and earlier), allowing users to execute dangerous HTTP requests. The HTTP PUT method is normally used to upload data that is saved on the server with a user-supplied URL. While the DELETE method requests that the origin server removes the association between the target resource and its current functionality. Improper use of these methods may lead to a loss of integrity."
 }
 ]
 },
@@ -79,19 +79,24 @@
 "refsource": "MISC",
 "url": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35243",
 "name": "https://www.solarwinds.com/trust-center/security-advisories/cve-2021-35243"
+ },
+ {
+ "refsource": "MISC",
+ "url": "https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-7-Hotfix-1-Release-Notes?language=en_US",
+ "name": "https://support.solarwinds.com/SuccessCenter/s/article/Web-Help-Desk-12-7-7-Hotfix-1-Release-Notes?language=en_US"
 }
 ]
 },
 "solution": [
 {
 "lang": "eng",
- "value": "Affected customers are advised to upgrade to 12.7.7 Hotfix 1, once it becomes available."
+ "value": "Affected customers are advised to upgrade to 12.7.7 Hotfix 1 once it becomes available."
 }
 ],
 "source": {
 "defect": [
 "CVE-2021-35243"
 ],
- "discovery": "UNKNOWN"
+ "discovery": "EXTERNAL"
 }
 }
\ No newline at end of file
diff --git a/2021/43xxx/CVE-2021-43548.json b/2021/43xxx/CVE-2021-43548.json
index 0988c835670..1b5eea4ce57 100644
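Review bot: The reworded solution in the last CVE-2021-35243 hunk still says `once it becomes available`, while the same hunk adds a reference to the Web Help Desk 12.7.7 Hotfix 1 release notes, so the record tells readers to wait for a fix it also links to. If the hotfix has shipped, as the release-notes link suggests, the text should say so, e.g. `"value": "Affected customers are advised to upgrade to Web Help Desk 12.7.7 Hotfix 1."`. The CVE-2021-35232 record earlier in this commit carries the same "once it becomes generally available" wording in its solution.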
--- a/2021/43xxx/CVE-2021-43548.json
+++ b/2021/43xxx/CVE-2021-43548.json
@@ -1,18 +1,103 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "DATE_PUBLIC": "2021-11-18T15:34:00.000Z",
 "ID": "CVE-2021-43548",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC",
+ "TITLE": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Improper Input Validation"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Patient Information Center iX (PIC iX)",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "C.02"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "C.03"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Philips"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "ADJACENT_NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 6.5,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "NONE",
+ "integrityImpact": "NONE",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-20 Improper Input Validation"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02",
+ "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng"
+ }
+ ],
+ "source": {
+ "advisory": "ICSMA-21-322-02",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2021/43xxx/CVE-2021-43550.json b/2021/43xxx/CVE-2021-43550.json
index 497eb35988b..2fdb64ac61d 100644
--- a/2021/43xxx/CVE-2021-43550.json
+++ b/2021/43xxx/CVE-2021-43550.json
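Review bot: The `solution` array added to CVE-2021-43548 holds a single entry, `{ "lang": "eng" }`, with no `value`, so the record publishes a remediation section that says nothing, and a consumer that reads the entry's `value` finds the key missing. The same empty entry is added in the CVE-2021-43550 and CVE-2021-43552 hunks that follow. Either drop the `solution` key from all three records or fill it from the referenced advisory, e.g. `"value": "<mitigation text from ICSMA-21-322-02>"`.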
@@ -1,18 +1,119 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "DATE_PUBLIC": "2021-11-18T15:34:00.000Z",
 "ID": "CVE-2021-43550",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC",
+ "TITLE": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Efficia CM Series",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<=",
+ "version_name": "A.01",
+ "version_value": "C.0x"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "4.0"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "Patient Information Center iX (PIC iX)",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "C.02"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "C.03"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Philips"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "HIGH",
+ "attackVector": "ADJACENT_NETWORK",
+ "availabilityImpact": "NONE",
+ "baseScore": 5.9,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02",
+ "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng"
+ }
+ ],
+ "source": {
+ "advisory": "ICSMA-21-322-02",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2021/43xxx/CVE-2021-43552.json b/2021/43xxx/CVE-2021-43552.json
index 8b17f8f0fc0..2fcac2dfdc0 100644
--- a/2021/43xxx/CVE-2021-43552.json
+++ b/2021/43xxx/CVE-2021-43552.json
@@ -1,18 +1,107 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "DATE_PUBLIC": "2021-11-18T15:34:00.000Z",
 "ID": "CVE-2021-43552",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC",
+ "TITLE": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of Hard-coded Cryptographic Key"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "Patient Information Center iX (PIC iX)",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "=",
+ "version_value": "C.02"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "C.03"
+ },
+ {
+ "version_affected": "=",
+ "version_value": "B.02"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Philips"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "LOCAL",
+ "availabilityImpact": "NONE",
+ "baseScore": 6.1,
+ "baseSeverity": "MEDIUM",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "LOW",
+ "privilegesRequired": "LOW",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-321 Use of Hard-coded Cryptographic Key"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02",
+ "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng"
+ }
+ ],
+ "source": {
+ "advisory": "ICSMA-21-322-02",
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
diff --git a/2021/43xxx/CVE-2021-43855.json b/2021/43xxx/CVE-2021-43855.json
index 05f6fe4f345..71f84263574 100644
--- a/2021/43xxx/CVE-2021-43855.json
+++ b/2021/43xxx/CVE-2021-43855.json
@@ -69,6 +69,11 @@
 },
 "references": {
 "reference_data": [
+ {
+ "name": "https://github.com/Requarks/wiki/releases/tag/2.5.264",
+ "refsource": "MISC",
+ "url": "https://github.com/Requarks/wiki/releases/tag/2.5.264"
+ },
 {
 "name": "https://github.com/Requarks/wiki/security/advisories/GHSA-4893-pj5w-3hq9",
 "refsource": "CONFIRM",
@@ -78,11 +83,6 @@
 "name": "https://github.com/Requarks/wiki/commit/57b56d3a5b9c00358814e76f3ee5b4bb353ad62f",
 "refsource": "MISC",
 "url": "https://github.com/Requarks/wiki/commit/57b56d3a5b9c00358814e76f3ee5b4bb353ad62f"
- },
- {
- "name": "https://github.com/Requarks/wiki/releases/tag/2.5.264",
- "refsource": "MISC",
- "url": "https://github.com/Requarks/wiki/releases/tag/2.5.264"
 }
 ]
 },
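Review bot: The `TITLE` of CVE-2021-43552 names `Patient Information Center iX (PIC iX) and Efficia CM Series`, but `product_data` and the description list only PIC iX (B.02, C.02, C.03), so product-based matching and the human-readable title disagree about scope. CVE-2021-43548 has the same mismatch; CVE-2021-43550 is the only one of the three that lists Efficia CM Series under `affects`. If Efficia is not affected by this issue, the title should read `"TITLE": "Philips Patient Information Center iX (PIC iX) Use of Hard-coded Cryptographic Key"`; if it is affected, it needs its own `product_data` entry.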
diff --git a/2021/43xxx/CVE-2021-43856.json b/2021/43xxx/CVE-2021-43856.json
index 857adbf3849..bc7e0ab31d6 100644
--- a/2021/43xxx/CVE-2021-43856.json
+++ b/2021/43xxx/CVE-2021-43856.json
@@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Wiki.js is a wiki app built on Node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through non-image file uploads for file types that can be viewed directly inline in the browser. By creating a malicious file which can execute inline JS when viewed in the browser (e.g. XML files), a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the file is viewed directly by other users. The file must be opened directly by the user and will not trigger directly in a normal Wiki.js page. A patch in version 2.5.264 fixes this vulnerability by adding an optional (enabled by default) force download flag to all non-image file types, preventing the file from being viewed inline in the browser. As a workaround, disable file upload for all non-trusted users.\n\n---\n\nThanks to @Haxatron for reporting this vulnerability.\nInitially reported via https://huntr.dev/bounties/266bff09-00d9-43ca-a4bb-bb540642811f/" + "value": "Wiki.js is a wiki app built on Node.js. Wiki.js 2.5.263 and earlier is vulnerable to stored cross-site scripting through non-image file uploads for file types that can be viewed directly inline in the browser. By creating a malicious file which can execute inline JS when viewed in the browser (e.g. XML files), a malicious Wiki.js user may stage a stored cross-site scripting attack. This allows the attacker to execute malicious JavaScript when the file is viewed directly by other users. The file must be opened directly by the user and will not trigger directly in a normal Wiki.js page. A patch in version 2.5.264 fixes this vulnerability by adding an optional (enabled by default) force download flag to all non-image file types, preventing the file from being viewed inline in the browser. As a workaround, disable file upload for all non-trusted users. 
--- Thanks to @Haxatron for reporting this vulnerability. Initially reported via https://huntr.dev/bounties/266bff09-00d9-43ca-a4bb-bb540642811f/" } ] }, diff --git a/2021/43xxx/CVE-2021-43857.json b/2021/43xxx/CVE-2021-43857.json index d0e89cb0147..08e9a234ec6 100644 --- a/2021/43xxx/CVE-2021-43857.json +++ b/2021/43xxx/CVE-2021-43857.json @@ -69,16 +69,16 @@ }, "references": { "reference_data": [ - { - "name": "https://github.com/Gerapy/Gerapy/security/advisories/GHSA-9w7f-m4j4-j3xw", - "refsource": "CONFIRM", - "url": "https://github.com/Gerapy/Gerapy/security/advisories/GHSA-9w7f-m4j4-j3xw" - }, { "name": "https://github.com/Gerapy/Gerapy/issues/219", "refsource": "MISC", "url": "https://github.com/Gerapy/Gerapy/issues/219" }, + { + "name": "https://github.com/Gerapy/Gerapy/security/advisories/GHSA-9w7f-m4j4-j3xw", + "refsource": "CONFIRM", + "url": "https://github.com/Gerapy/Gerapy/security/advisories/GHSA-9w7f-m4j4-j3xw" + }, { "name": "https://github.com/Gerapy/Gerapy/commit/49bcb19be5e0320e7e1535f34fe00f16a3cf3b28", "refsource": "MISC", diff --git a/2021/45xxx/CVE-2021-45232.json b/2021/45xxx/CVE-2021-45232.json index 7b084286434..876a1d0022c 100644 --- a/2021/45xxx/CVE-2021-45232.json +++ b/2021/45xxx/CVE-2021-45232.json @@ -88,6 +88,11 @@ "refsource": "MISC", "url": "https://lists.apache.org/thread/979qbl6vlm8269fopfyygnxofgqyn6k5", "name": "https://lists.apache.org/thread/979qbl6vlm8269fopfyygnxofgqyn6k5" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20211227 CVE-2021-45232: Apache APISIX Dashboard: security vulnerability on unauthorized access", + "url": "http://www.openwall.com/lists/oss-security/2021/12/27/1" } ] }, diff --git a/2021/4xxx/CVE-2021-4161.json b/2021/4xxx/CVE-2021-4161.json index a36a8627e92..c097a90035e 100644 --- a/2021/4xxx/CVE-2021-4161.json +++ b/2021/4xxx/CVE-2021-4161.json 
@@ -1,18 +1,124 @@
 {
- "data_type": "CVE",
- "data_format": "MITRE",
- "data_version": "4.0",
 "CVE_data_meta": {
+ "ASSIGNER": "ics-cert@hq.dhs.gov",
+ "DATE_PUBLIC": "2021-12-23T23:31:00.000Z",
 "ID": "CVE-2021-4161",
- "ASSIGNER": "cve@mitre.org",
- "STATE": "RESERVED"
+ "STATE": "PUBLIC",
+ "TITLE": "ICSA-21-357-01 Moxa MGate Protocol Gateways"
 },
+ "affects": {
+ "vendor": {
+ "vendor_data": [
+ {
+ "product": {
+ "product_data": [
+ {
+ "product_name": "MGate MB3180 Series: Firmware",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "all",
+ "version_value": "2.2"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "MGate MB3280 Series: Firmware",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "all",
+ "version_value": "4.1"
+ }
+ ]
+ }
+ },
+ {
+ "product_name": "MGate MB3480 Series: Firmware",
+ "version": {
+ "version_data": [
+ {
+ "version_affected": "<",
+ "version_name": "all",
+ "version_value": "3.2"
+ }
+ ]
+ }
+ }
+ ]
+ },
+ "vendor_name": "Moxa"
+ }
+ ]
+ }
+ },
+ "credit": [
+ {
+ "lang": "eng",
+ "value": "Parul Sindhwad, Anurag M. Chevendra, and Dr. Faruk Kazi of CoE-CNDS Lab; VJTI; and Mumbai-INDIA reported this vulnerability to Moxa"
+ }
+ ],
+ "data_format": "MITRE",
+ "data_type": "CVE",
+ "data_version": "4.0",
 "description": {
 "description_data": [
 {
 "lang": "eng",
- "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+ "value": "The affected products contain vulnerable firmware, which could allow an attacker to sniff the traffic and decrypt login credential details. This could give an attacker admin rights through the HTTP web server."
 }
 ]
+ },
+ "generator": {
+ "engine": "Vulnogram 0.0.9"
+ },
+ "impact": {
+ "cvss": {
+ "attackComplexity": "LOW",
+ "attackVector": "NETWORK",
+ "availabilityImpact": "HIGH",
+ "baseScore": 9.8,
+ "baseSeverity": "CRITICAL",
+ "confidentialityImpact": "HIGH",
+ "integrityImpact": "HIGH",
+ "privilegesRequired": "NONE",
+ "scope": "UNCHANGED",
+ "userInteraction": "NONE",
+ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
+ "version": "3.1"
+ }
+ },
+ "problemtype": {
+ "problemtype_data": [
+ {
+ "description": [
+ {
+ "lang": "eng",
+ "value": "CWE-319 Cleartext Transmission of Sensitive Information"
+ }
+ ]
+ }
+ ]
+ },
+ "references": {
+ "reference_data": [
+ {
+ "refsource": "MISC",
+ "url": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-357-01",
+ "name": "https://www.cisa.gov/uscert/ics/advisories/icsa-21-357-01"
+ }
+ ]
+ },
+ "solution": [
+ {
+ "lang": "eng",
+ "value": "Moxa has developed the following mitigations to address this vulnerability:\n\n-Enable \u2018HTTPS\u2019 and disable the HTTP console function under \u2018Console Settings\u2019\n-Moxa also recommends users refer to Tech Note: Moxa Security Hardening Guide for MGate MB3000 Series"
+ }
+ ],
+ "source": {
+ "discovery": "UNKNOWN"
 }
 }
\ No newline at end of file
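Review bot: The `source` object added for CVE-2021-4161 contains only `"discovery": "UNKNOWN"`, although the title and the reference URL both identify the advisory as ICSA-21-357-01; the other ics-cert records in this commit carry theirs as `"advisory": "ICSMA-21-322-02"`. Adding `"advisory": "ICSA-21-357-01",` to `source` keeps the records consistent and lets tooling join on the advisory id. The `TITLE` is also just the advisory number plus the product line; following the sibling records it could name the weakness, e.g. `"TITLE": "Moxa MGate Protocol Gateways Cleartext Transmission of Sensitive Information"`.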