From d27825c43906779d23c8cecf7e243349ac2f3818 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 7 Oct 2021 21:00:51 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/21xxx/CVE-2020-21865.json | 56 ++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42084.json | 56 ++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42085.json | 56 ++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42086.json | 56 ++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42087.json | 56 ++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42088.json | 56 ++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42089.json | 56 ++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42090.json | 56 ++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42091.json | 56 ++++++++++++++++++++++++++---- 2021/42xxx/CVE-2021-42095.json | 62 ++++++++++++++++++++++++++++++++++ 2021/42xxx/CVE-2021-42096.json | 18 ++++++++++ 2021/42xxx/CVE-2021-42097.json | 18 ++++++++++ 12 files changed, 548 insertions(+), 54 deletions(-) create mode 100644 2021/42xxx/CVE-2021-42095.json create mode 100644 2021/42xxx/CVE-2021-42096.json create mode 100644 2021/42xxx/CVE-2021-42097.json diff --git a/2020/21xxx/CVE-2020-21865.json b/2020/21xxx/CVE-2020-21865.json index c3b3ec4708d..daa95f7d4be 100644 --- a/2020/21xxx/CVE-2020-21865.json +++ b/2020/21xxx/CVE-2020-21865.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-21865", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-21865", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nnngu/ThinkPHP50-CMS/issues/1", + "refsource": "MISC", + "name": "https://github.com/nnngu/ThinkPHP50-CMS/issues/1" } ] } diff --git a/2021/42xxx/CVE-2021-42084.json b/2021/42xxx/CVE-2021-42084.json index 488e2942b4b..646f26e9d97 100644 --- a/2021/42xxx/CVE-2021-42084.json +++ b/2021/42xxx/CVE-2021-42084.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42084", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42084", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Zammad before 4.1.1. An attacker with valid agent credentials may send a series of crafted requests that cause an endless loop and thus cause denial of service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/en/advisories/zaa-2021-11", + "refsource": "MISC", + "name": "https://zammad.com/en/advisories/zaa-2021-11" } ] } diff --git a/2021/42xxx/CVE-2021-42085.json b/2021/42xxx/CVE-2021-42085.json index 30fab2cc24e..9e322615e6f 100644 --- a/2021/42xxx/CVE-2021-42085.json +++ b/2021/42xxx/CVE-2021-42085.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42085", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42085", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Zammad before 4.1.1. There is stored XSS via a custom Avatar." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/en/advisories/zaa-2021-17", + "refsource": "MISC", + "name": "https://zammad.com/en/advisories/zaa-2021-17" } ] } diff --git a/2021/42xxx/CVE-2021-42086.json b/2021/42xxx/CVE-2021-42086.json index e6addb4b62a..cfdcd772471 100644 --- a/2021/42xxx/CVE-2021-42086.json +++ b/2021/42xxx/CVE-2021-42086.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42086", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42086", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Zammad before 4.1.1. An Agent account can modify account data, and gain admin access, via a crafted request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/en/advisories/zaa-2021-09", + "refsource": "MISC", + "name": "https://zammad.com/en/advisories/zaa-2021-09" } ] } diff --git a/2021/42xxx/CVE-2021-42087.json b/2021/42xxx/CVE-2021-42087.json index 53b11235e16..87881d1e27e 100644 --- a/2021/42xxx/CVE-2021-42087.json +++ b/2021/42xxx/CVE-2021-42087.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42087", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42087", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Zammad before 4.1.1. An admin can discover the application secret via the API." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/en/advisories/zaa-2021-15", + "refsource": "MISC", + "name": "https://zammad.com/en/advisories/zaa-2021-15" } ] } diff --git a/2021/42xxx/CVE-2021-42088.json b/2021/42xxx/CVE-2021-42088.json index d952890fd79..00311a7b6cf 100644 --- a/2021/42xxx/CVE-2021-42088.json +++ b/2021/42xxx/CVE-2021-42088.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42088", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42088", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Zammad before 4.1.1. The Chat functionality allows XSS because clipboard data is mishandled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/en/advisories/zaa-2021-12", + "refsource": "MISC", + "name": "https://zammad.com/en/advisories/zaa-2021-12" } ] } diff --git a/2021/42xxx/CVE-2021-42089.json b/2021/42xxx/CVE-2021-42089.json index a01a6397d30..0e75e5bae4c 100644 --- a/2021/42xxx/CVE-2021-42089.json +++ b/2021/42xxx/CVE-2021-42089.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42089", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42089", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Zammad before 4.1.1. The REST API discloses sensitive information." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/en/advisories/zaa-2021-13", + "refsource": "MISC", + "name": "https://zammad.com/en/advisories/zaa-2021-13" } ] } diff --git a/2021/42xxx/CVE-2021-42090.json b/2021/42xxx/CVE-2021-42090.json index f26a99eff9d..f854b9bbbf3 100644 --- a/2021/42xxx/CVE-2021-42090.json +++ b/2021/42xxx/CVE-2021-42090.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42090", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42090", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Zammad before 4.1.1. The Form functionality allows remote code execution because deserialization is mishandled." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/en/advisories/zaa-2021-14", + "refsource": "MISC", + "name": "https://zammad.com/en/advisories/zaa-2021-14" } ] } diff --git a/2021/42xxx/CVE-2021-42091.json b/2021/42xxx/CVE-2021-42091.json index c1053198945..9bcb014883b 100644 --- a/2021/42xxx/CVE-2021-42091.json +++ b/2021/42xxx/CVE-2021-42091.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-42091", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-42091", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Zammad before 4.1.1. SSRF can occur via GitHub or GitLab integration." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://zammad.com/en/advisories/zaa-2021-08", + "refsource": "MISC", + "name": "https://zammad.com/en/advisories/zaa-2021-08" } ] } diff --git a/2021/42xxx/CVE-2021-42095.json b/2021/42xxx/CVE-2021-42095.json new file mode 100644 index 00000000000..e242f37b417 --- /dev/null +++ b/2021/42xxx/CVE-2021-42095.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-42095", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.netsarang.com/en/xshell-update-history/", + "refsource": "MISC", + "name": "https://www.netsarang.com/en/xshell-update-history/" + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42096.json b/2021/42xxx/CVE-2021-42096.json new file mode 100644 index 00000000000..ab9fd903a31 --- /dev/null +++ b/2021/42xxx/CVE-2021-42096.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42096", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/42xxx/CVE-2021-42097.json b/2021/42xxx/CVE-2021-42097.json new file mode 100644 index 00000000000..94aa0b3f803 --- /dev/null +++ b/2021/42xxx/CVE-2021-42097.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-42097", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file