From d710c331ef1761f1b7505a45131c15016d2a931c Mon Sep 17 00:00:00 2001 From: Tod Beardsley Date: Wed, 4 Aug 2021 17:10:40 -0500 Subject: [PATCH] Adding several vuln disclosures --- 2021/31xxx/CVE-2021-31867.json | 88 +++++++++++++++++++++++++++--- 2021/31xxx/CVE-2021-31869.json | 88 +++++++++++++++++++++++++++--- 2021/36xxx/CVE-2021-36800.json | 88 +++++++++++++++++++++++++++--- 2021/36xxx/CVE-2021-36801.json | 88 +++++++++++++++++++++++++++--- 2021/36xxx/CVE-2021-36802.json | 88 +++++++++++++++++++++++++++--- 2021/36xxx/CVE-2021-36803.json | 88 +++++++++++++++++++++++++++--- 2021/36xxx/CVE-2021-36804.json | 98 +++++++++++++++++++++++++++++++--- 2021/36xxx/CVE-2021-36805.json | 88 +++++++++++++++++++++++++++--- 2021/3xxx/CVE-2021-3539.json | 88 +++++++++++++++++++++++++++--- 9 files changed, 748 insertions(+), 54 deletions(-) diff --git a/2021/31xxx/CVE-2021-31867.json b/2021/31xxx/CVE-2021-31867.json index 530bf9164cc..2b95aedbfc1 100644 --- a/2021/31xxx/CVE-2021-31867.json +++ b/2021/31xxx/CVE-2021-31867.json @@ -1,18 +1,94 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@rapid7.com", + "DATE_PUBLIC": "2021-07-27T13:05:00.000Z", "ID": "CVE-2021-31867", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Pimcore Customer Data Framework 'SegmentAssignmentController.php' Blind SQL Injection" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Pimcore Customer Data Framework", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "3.0.0", + "version_value": "3.0.0" + } + ] + } + } + ] + }, + "vendor_name": "Pimcore" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Wiktor Sędkowski of Nokia and Trevor Christiansen of Rapid7 discovered and reported this issue through Rapid7's vulnerability disclosure program." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. This issue was fixed in version 3.0.2 of the product." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/", + "refsource": "MISC", + "url": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/31xxx/CVE-2021-31869.json b/2021/31xxx/CVE-2021-31869.json index 257873d3efb..7665a7db57a 100644 --- a/2021/31xxx/CVE-2021-31869.json +++ b/2021/31xxx/CVE-2021-31869.json @@ -1,18 +1,94 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@rapid7.com", + "DATE_PUBLIC": "2021-07-27T13:05:00.000Z", "ID": "CVE-2021-31869", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Pimcore AdminBundle 'specificID' SQL Injection" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Pimcore AdminBundle", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "6.8.0", + "version_value": "6.8.0" + } + ] + } + } + ] + }, + "vendor_name": "Pimcore" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Wiktor Sędkowski of Nokia and Trevor Christiansen of Rapid7 discovered and reported this issue through Rapid7's vulnerability disclosure program." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injection issue in the specificID variable used by the application. This issue was fixed in version 6.9.4 of the product." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/", + "refsource": "MISC", + "url": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36800.json b/2021/36xxx/CVE-2021-36800.json index f5ee4b4bc3d..19adecea1b7 100644 --- a/2021/36xxx/CVE-2021-36800.json +++ b/2021/36xxx/CVE-2021-36800.json @@ -1,18 +1,94 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@rapid7.com", + "DATE_PUBLIC": "2021-07-27T13:05:00.000Z", "ID": "CVE-2021-36800", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Akaunting OS Command Injection in 'Money.php'" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Akaunting", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "2.1.12", + "version_value": "2.1.12" + } + ] + } + } + ] + }, + "vendor_name": "Akaunting" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Wiktor Sędkowski of Nokia and Trevor Christiansen of Rapid7 discovered and reported this issue through Rapid7's vulnerability disclosure program." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. A POST sent to /{company_id}/sales/invoices/{invoice_id} with an items[0][price] that includes a PHP callable function is executed directly. This issue was fixed in version 2.1.13 of the product." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.7, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "HIGH", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-94 Improper Control of Generation of Code ('Code Injection')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/", + "refsource": "MISC", + "url": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36801.json b/2021/36xxx/CVE-2021-36801.json index b0760d96301..0a9d50a6fcb 100644 --- a/2021/36xxx/CVE-2021-36801.json +++ b/2021/36xxx/CVE-2021-36801.json @@ -1,18 +1,94 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@rapid7.com", + "DATE_PUBLIC": "2021-07-27T13:05:00.000Z", "ID": "CVE-2021-36801", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Akaunting Authentication Bypass in Company Selection" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Akaunting", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "2.1.12", + "version_value": "2.1.12" + } + ] + } + } + ] + }, + "vendor_name": "Akaunting" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Wiktor Sędkowski of Nokia and Trevor Christiansen of Rapid7 discovered and reported this issue through Rapid7's vulnerability disclosure program." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Akaunting version 2.1.12 and earlier suffers from an authentication bypass issue in the user-controllable field, companies[0]. This issue was fixed in version 2.1.13 of the product." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-639 Authorization Bypass Through User-Controlled Key" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/", + "refsource": "MISC", + "url": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36802.json b/2021/36xxx/CVE-2021-36802.json index 26a614c1e1a..139ac2d22ca 100644 --- a/2021/36xxx/CVE-2021-36802.json +++ b/2021/36xxx/CVE-2021-36802.json @@ -1,18 +1,94 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@rapid7.com", + "DATE_PUBLIC": "2021-07-27T13:05:00.000Z", "ID": "CVE-2021-36802", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Akaunting DoS via User-Controlled 'locale' Variable" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Akaunting", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "2.1.12", + "version_value": "2.1.12" + } + ] + } + } + ] + }, + "vendor_name": "Akaunting" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Wiktor Sędkowski of Nokia and Trevor Christiansen of Rapid7 discovered and reported this issue through Rapid7's vulnerability disclosure program." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Akaunting version 2.1.12 and earlier suffers from a denial-of-service issue that is triggered by setting a malformed 'locale' variable and sending it in an otherwise normal HTTP POST request. This issue was fixed in version 2.1.13 of the product." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-248: Uncaught Exception Denial of Service" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/", + "refsource": "MISC", + "url": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36803.json b/2021/36xxx/CVE-2021-36803.json index 7df2df80714..66857f5c1b6 100644 --- a/2021/36xxx/CVE-2021-36803.json +++ b/2021/36xxx/CVE-2021-36803.json @@ -1,18 +1,94 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@rapid7.com", + "DATE_PUBLIC": "2021-07-27T13:05:00.000Z", "ID": "CVE-2021-36803", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Akaunting Avatar Persistent XSS" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Akaunting", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "2.1.12", + "version_value": "2.1.12" + } + ] + } + } + ] + }, + "vendor_name": "Akaunting" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Wiktor Sędkowski of Nokia and Trevor Christiansen of Rapid7 discovered and reported this issue through Rapid7's vulnerability disclosure program." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Akaunting version 2.1.12 and earlier suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in processing user-supplied avatar images. This issue was fixed in version 2.1.13 of the product." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/", + "refsource": "MISC", + "url": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36804.json b/2021/36xxx/CVE-2021-36804.json index dac3f9563f0..dc4e6e373de 100644 --- a/2021/36xxx/CVE-2021-36804.json +++ b/2021/36xxx/CVE-2021-36804.json @@ -1,18 +1,104 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@rapid7.com", + "DATE_PUBLIC": "2021-07-27T13:05:00.000Z", "ID": "CVE-2021-36804", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Akaunting Password Reset Relay" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Akaunting", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "2.1.12", + "version_value": "2.1.12" + } + ] + } + } + ] + }, + "vendor_name": "Akaunting" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Wiktor Sędkowski of Nokia and Trevor Christiansen of Rapid7 discovered and reported this issue through Rapid7's vulnerability disclosure program." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Akaunting version 2.1.12 and earlier suffers from a password reset spoofing vulnerability, wherein an attacker can proxy password reset requests through a running Akaunting instance, if that attacker knows the target's e-mail address. This issue was fixed in version 2.1.13 of the product. Please note that this issue is ultimately caused by the defaults provided by the Laravel framework, specifically how proxy headers are handled with respect to multi-tenant implementations. In other words, while this is not technically a vulnerability in Laravel, this default configuration is very likely to lead to practically identical identical vulnerabilities in Laravel projects that implement multi-tenant applications." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-640 Weak Password Recovery Mechanism for Forgotten Password" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/", + "refsource": "MISC", + "url": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/" + }, + { + "name": "https://www.laravel-enlightn.com/docs/security/host-injection-analyzer.html", + "refsource": "MISC", + "url": "https://www.laravel-enlightn.com/docs/security/host-injection-analyzer.html" + }, + { + "name": "https://github.com/laravel/laravel/pull/5477", + "refsource": "MISC", + "url": "https://github.com/laravel/laravel/pull/5477" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36805.json b/2021/36xxx/CVE-2021-36805.json index 4b9db905234..0a7c4b3987b 100644 --- a/2021/36xxx/CVE-2021-36805.json +++ b/2021/36xxx/CVE-2021-36805.json @@ -1,18 +1,94 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@rapid7.com", + "DATE_PUBLIC": "2021-07-27T13:05:00.000Z", "ID": "CVE-2021-36805", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Akaunting Invoice Footer Persistent XSS" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Akaunting", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "2.1.12", + "version_value": "2.1.12" + } + ] + } + } + ] + }, + "vendor_name": "Akaunting" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Wiktor Sędkowski of Nokia and Trevor Christiansen of Rapid7 discovered and reported this issue through Rapid7's vulnerability disclosure program." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Akaunting version 2.1.12 and earlier suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in the sales invoice processing component of the application. This issue was fixed in version 2.1.13 of the product." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.2, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/", + "refsource": "MISC", + "url": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3539.json b/2021/3xxx/CVE-2021-3539.json index d9df96ca602..894c549ccef 100644 --- a/2021/3xxx/CVE-2021-3539.json +++ b/2021/3xxx/CVE-2021-3539.json @@ -1,18 +1,94 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "cve@rapid7.com", + "DATE_PUBLIC": "2021-07-27T13:05:00.000Z", "ID": "CVE-2021-3539", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "EspoCRM Avatar Persistent XSS" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "EspoCRM", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_name": "6.1.6", + "version_value": "6.1.6" + } + ] + } + } + ] + }, + "vendor_name": "EspoCRM" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Wiktor Sędkowski of Nokia and Trevor Christiansen of Rapid7 discovered and reported this issue through Rapid7's vulnerability disclosure program." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "EspoCRM 6.1.6 and prior suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in processing user-supplied avatar images. This issue was fixed in version 6.1.7 of the product." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 6.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross-site Scripting (XSS)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/", + "refsource": "MISC", + "url": "https://www.rapid7.com/blog/post/2021/07/27/multiple-open-source-web-app-vulnerabilities-fixed/" + } + ] + }, + "source": { + "discovery": "EXTERNAL" } } \ No newline at end of file