From e37d9d224f5db9b87bba43aa73a0f2b5215a9f2d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 15 Jun 2022 18:01:58 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2017/20xxx/CVE-2017-20046.json | 24 +++++++++------ 2017/20xxx/CVE-2017-20047.json | 28 ++++++++++------- 2017/20xxx/CVE-2017-20048.json | 28 ++++++++++------- 2017/20xxx/CVE-2017-20049.json | 24 +++++++++------ 2017/20xxx/CVE-2017-20050.json | 24 +++++++++------ 2021/33xxx/CVE-2021-33036.json | 5 +++ 2022/20xxx/CVE-2022-20664.json | 4 +-- 2022/29xxx/CVE-2022-29859.json | 5 +++ 2022/32xxx/CVE-2022-32550.json | 56 ++++++++++++++++++++++++++++++---- 9 files changed, 138 insertions(+), 60 deletions(-) diff --git a/2017/20xxx/CVE-2017-20046.json b/2017/20xxx/CVE-2017-20046.json index 951e33f030a..dfc5630f566 100644 --- a/2017/20xxx/CVE-2017-20046.json +++ b/2017/20xxx/CVE-2017-20046.json @@ -4,7 +4,7 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2017-20046", - "TITLE": "AXIS P1204\/P3225\/P3367\/M3045\/M3005\/M3007 cross-site request forgery", + "TITLE": "AXIS P1204/P3225/P3367/M3045/M3005/M3007 cross-site request forgery", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -32,7 +32,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -42,7 +42,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -52,7 +52,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -62,7 +62,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -72,7 +72,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -108,16 +108,20 @@ "cvss": { "version": "3.1", "baseScore": "5.0", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:R\/S:U\/C:L\/I:L\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } }, "references": { "reference_data": [ { - "url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Mar\/41" + "url": "http://seclists.org/fulldisclosure/2017/Mar/41", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2017/Mar/41" }, { - "url": "https:\/\/vuldb.com\/?id.98910" + "url": "https://vuldb.com/?id.98910", + "refsource": "MISC", + "name": "https://vuldb.com/?id.98910" } ] } diff --git a/2017/20xxx/CVE-2017-20047.json b/2017/20xxx/CVE-2017-20047.json index 0696cc7c10e..88b0250e54e 100644 --- a/2017/20xxx/CVE-2017-20047.json +++ b/2017/20xxx/CVE-2017-20047.json @@ -4,7 +4,7 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2017-20047", - "TITLE": "AXIS P1204\/P3225\/P3367\/M3045\/M3005\/M3007 cross site scripting", + "TITLE": "AXIS P1204/P3225/P3367/M3045/M3005/M3007 cross site scripting", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -32,7 +32,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -42,7 +42,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -52,7 +52,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -62,7 +62,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -72,7 +72,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -108,19 +108,25 @@ "cvss": { "version": "3.1", "baseScore": "4.3", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Mar\/41" + "url": "http://seclists.org/fulldisclosure/2017/Mar/41", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2017/Mar/41" }, { - "url": "https:\/\/seclists.org\/fulldisclosure\/2017\/Mar\/41" + "url": "https://seclists.org/fulldisclosure/2017/Mar/41", + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2017/Mar/41" }, { - "url": "https:\/\/vuldb.com\/?id.98911" + "url": "https://vuldb.com/?id.98911", + "refsource": "MISC", + "name": "https://vuldb.com/?id.98911" } ] } diff --git a/2017/20xxx/CVE-2017-20048.json b/2017/20xxx/CVE-2017-20048.json index ae2d817a9a9..6f5ddfd70d7 100644 --- a/2017/20xxx/CVE-2017-20048.json +++ b/2017/20xxx/CVE-2017-20048.json @@ -4,7 +4,7 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2017-20048", - "TITLE": "AXIS P1204\/P3225\/P3367\/M3045\/M3005\/M3007 Script Editor cross-site request forgery", + "TITLE": "AXIS P1204/P3225/P3367/M3045/M3005/M3007 Script Editor cross-site request forgery", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -32,7 +32,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -42,7 +42,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -52,7 +52,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -62,7 +62,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -72,7 +72,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -108,19 +108,25 @@ "cvss": { "version": "3.1", "baseScore": "8.8", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:R\/S:U\/C:H\/I:H\/A:H" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" } }, "references": { "reference_data": [ { - "url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Mar\/41" + "url": "http://seclists.org/fulldisclosure/2017/Mar/41", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2017/Mar/41" }, { - "url": "https:\/\/seclists.org\/fulldisclosure\/2017\/Mar\/41" + "url": "https://seclists.org/fulldisclosure/2017/Mar/41", + "refsource": "MISC", + "name": "https://seclists.org/fulldisclosure/2017/Mar/41" }, { - "url": "https:\/\/vuldb.com\/?id.98912" + "url": "https://vuldb.com/?id.98912", + "refsource": "MISC", + "name": "https://vuldb.com/?id.98912" } ] } diff --git a/2017/20xxx/CVE-2017-20049.json b/2017/20xxx/CVE-2017-20049.json index 0fbab553011..2ebef1ca782 100644 --- a/2017/20xxx/CVE-2017-20049.json +++ b/2017/20xxx/CVE-2017-20049.json @@ -4,7 +4,7 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2017-20049", - "TITLE": "AXIS P1204\/P3225\/P3367\/M3045\/M3005\/M3007 CGI Script privileges management", + "TITLE": "AXIS P1204/P3225/P3367/M3045/M3005/M3007 CGI Script privileges management", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -32,7 +32,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -42,7 +42,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -52,7 +52,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -62,7 +62,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -72,7 +72,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -108,16 +108,20 @@ "cvss": { "version": "3.1", "baseScore": "8.8", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" } }, "references": { "reference_data": [ { - "url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Mar\/41" + "url": "http://seclists.org/fulldisclosure/2017/Mar/41", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2017/Mar/41" }, { - "url": "https:\/\/vuldb.com\/?id.98913" + "url": "https://vuldb.com/?id.98913", + "refsource": "MISC", + "name": "https://vuldb.com/?id.98913" } ] } diff --git a/2017/20xxx/CVE-2017-20050.json b/2017/20xxx/CVE-2017-20050.json index a59e17a5ec9..b6083a5769d 100644 --- a/2017/20xxx/CVE-2017-20050.json +++ b/2017/20xxx/CVE-2017-20050.json @@ -4,7 +4,7 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2017-20050", - "TITLE": "AXIS P1204\/P3225\/P3367\/M3045\/M3005\/M3007 Web Interface access control", + "TITLE": "AXIS P1204/P3225/P3367/M3045/M3005/M3007 Web Interface access control", "REQUESTER": "cna@vuldb.com", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" @@ -22,7 +22,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -32,7 +32,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -42,7 +42,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -52,7 +52,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -62,7 +62,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -72,7 +72,7 @@ "version": { "version_data": [ { - "version_value": "n\/a" + "version_value": "n/a" } ] } @@ -108,16 +108,20 @@ "cvss": { "version": "3.1", "baseScore": "5.6", - "vectorString": "CVSS:3.1\/AV:N\/AC:H\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L" } }, "references": { "reference_data": [ { - "url": "http:\/\/seclists.org\/fulldisclosure\/2017\/Mar\/41" + "url": "http://seclists.org/fulldisclosure/2017/Mar/41", + "refsource": "MISC", + "name": "http://seclists.org/fulldisclosure/2017/Mar/41" }, { - "url": "https:\/\/vuldb.com\/?id.98914" + "url": "https://vuldb.com/?id.98914", + "refsource": "MISC", + "name": "https://vuldb.com/?id.98914" } ] } diff --git a/2021/33xxx/CVE-2021-33036.json b/2021/33xxx/CVE-2021-33036.json index ebb356377f4..bba3792e859 100644 --- a/2021/33xxx/CVE-2021-33036.json +++ b/2021/33xxx/CVE-2021-33036.json @@ -80,6 +80,11 @@ "refsource": "MISC", "url": "https://lists.apache.org/thread/ctr84rmo3xd2tzqcx2b277c8z692vhl5", "name": "https://lists.apache.org/thread/ctr84rmo3xd2tzqcx2b277c8z692vhl5" + }, + { + "refsource": "MLIST", + "name": "[oss-security] 20220615 CVE-2021-33036: Apache Hadoop Privilege escalation vulnerability", + "url": "http://www.openwall.com/lists/oss-security/2022/06/15/2" } ] }, diff --git a/2022/20xxx/CVE-2022-20664.json b/2022/20xxx/CVE-2022-20664.json index e6bf9fb8704..8cb2a41aaa7 100644 --- a/2022/20xxx/CVE-2022-20664.json +++ b/2022/20xxx/CVE-2022-20664.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device.\r This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials.\r " + "value": "A vulnerability in the web management interface of Cisco Secure Email and Web Manager, formerly Cisco Security Management Appliance (SMA), and Cisco Email Security Appliance (ESA) could allow an authenticated, remote attacker to retrieve sensitive information from a Lightweight Directory Access Protocol (LDAP) external authentication server connected to an affected device. This vulnerability is due to a lack of proper input sanitization while querying the external authentication server. An attacker could exploit this vulnerability by sending a crafted query through an external authentication web page. A successful exploit could allow the attacker to gain access to sensitive information, including user credentials from the external authentication server. To exploit this vulnerability, an attacker would need valid operator-level (or higher) credentials." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2022/29xxx/CVE-2022-29859.json b/2022/29xxx/CVE-2022-29859.json index 41fb716c78a..37ddbe87d25 100644 --- a/2022/29xxx/CVE-2022-29859.json +++ b/2022/29xxx/CVE-2022-29859.json @@ -56,6 +56,11 @@ "url": "https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56", "refsource": "MISC", "name": "https://github.com/ambiot/amb1_sdk/commit/4b73f58f32914d0081d79a79e53a3215c8c1ea56" + }, + { + "refsource": "MISC", + "name": "https://www.amebaiot.com/zh/security_bulletin/cve-2022-29859/", + "url": "https://www.amebaiot.com/zh/security_bulletin/cve-2022-29859/" } ] } diff --git a/2022/32xxx/CVE-2022-32550.json b/2022/32xxx/CVE-2022-32550.json index 722fc3b9ad1..5c86a85d3a7 100644 --- a/2022/32xxx/CVE-2022-32550.json +++ b/2022/32xxx/CVE-2022-32550.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-32550", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-32550", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in AgileBits 1Password, involving the method various 1Password apps and integrations used to create connections to the 1Password service. In specific circumstances, this issue allowed a malicious server to convince a 1Password app or integration it is communicating with the 1Password service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.1password.com/kb/202206/", + "refsource": "MISC", + "name": "https://support.1password.com/kb/202206/" } ] }