"-Synchronized-Data."

2014/5xxx/CVE-2014-5209.json

@@ -1,8 +1,31 @@
 {
     "CVE_data_meta": {
-        "ASSIGNER": "cve@mitre.org",
+        "ASSIGNER": "cert@cert.org",
         "ID": "CVE-2014-5209",
-        "STATE": "RESERVED"
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "NTP",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "NTP",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "4.2.7p25"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
     },
     "data_format": "MITRE",
     "data_type": "CVE",
@@ -11,7 +34,43 @@
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "information disclosure"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.f5.com/csp/article/K44942017",
+                "url": "https://support.f5.com/csp/article/K44942017"
+            },
+            {
+                "refsource": "CONFIRM",
+                "name": "https://support.f5.com/csp/article/K44942017?utm_source=f5support&utm_medium=RSS",
+                "url": "https://support.f5.com/csp/article/K44942017?utm_source=f5support&utm_medium=RSS"
+            },
+            {
+                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841",
+                "refsource": "MISC",
+                "name": "https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"
+            },
+            {
+                "url": "https://support.f5.com/csp/article/K44942017",
+                "refsource": "MISC",
+                "name": "https://support.f5.com/csp/article/K44942017"
             }
         ]
     }

2019/17xxx/CVE-2019-17571.json

@@ -118,6 +118,11 @@
                 "refsource": "MLIST",
                 "name": "[zookeeper-dev] 20200107 [jira] [Created] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
                 "url": "https://lists.apache.org/thread.html/rbdf18e39428b5c80fc35113470198b1fe53b287a76a46b0f8780b5fd@%3Cdev.zookeeper.apache.org%3E"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[zookeeper-issues] 20200107 [jira] [Commented] (ZOOKEEPER-3677) owasp checker failing for - CVE-2019-17571 Apache Log4j 1.2 deserialization of untrusted data in SocketServer",
+                "url": "https://lists.apache.org/thread.html/r05755112a8c164abc1004bb44f198b1e3d8ca3d546a8f13ebd3aa05f@%3Cissues.zookeeper.apache.org%3E"
             }
         ]
     },