admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20210519-153728

Browse Source 
Added CVE-2021-20529, CVE-2020-4646, CVE-2021-20528, CVE-2020-4765, CVE-2021-20374
This commit is contained in:
Scott Moore - IBM 2021-05-19 15:37:28 -04:00
parent 9ee6779bc3
commit e3c735d1a5
No known key found for this signature in database
GPG Key ID: 8E6C411D57F2D75C
5 changed files with 459 additions and 75 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

117
2020/4xxx/CVE-2020-4646.json
View File

@ -1,18 +1,105 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4646",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "6.0.0.0"
},
{
"version_value" : "5.2.0.0"
},
{
"version_value" : "5.2.6.5"
},
{
"version_value" : "6.1.0.0"
},
{
"version_value" : "6.0.3.3"
},
{
"version_value" : "6.1.0.2"
}
]
},
"product_name" : "Sterling B2B Integrator"
}
]
}
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"I" : "N",
"AV" : "N",
"UI" : "N",
"S" : "U",
"SCORE" : "4.300",
"C" : "L",
"PR" : "L",
"AC" : "L",
"A" : "N"
}
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5, 6.0.0.0 through 6.0.3.3, and 6.1.0.0 through 6.1.0.2 could allow an authenticated user to view pages they shoiuld not have access to due to improper authorization control."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-05-18T00:00:00",
"ID" : "CVE-2020-4646",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6454169",
"title" : "IBM Security Bulletin 6454169 (Sterling B2B Integrator)",
"url" : "https://www.ibm.com/support/pages/node/6454169"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/185808",
"refsource" : "XF",
"name" : "ibm-sterling-cve20204646-info-disc (185808)"
}
]
}
}

108
2020/4xxx/CVE-2020-4765.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4765",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6454019",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6454019",
"title" : "IBM Security Bulletin 6454019 (Cloud Pak for Multicloud Management)"
},
{
"name" : "ibm-cloudpak-cve20204765-info-disc (188902)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/188902",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Cloud Pak for Multicloud Management prior to 2.3 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 188902.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-05-18T00:00:00",
"ID" : "CVE-2020-4765"
},
"data_version" : "4.0",
"data_format" : "MITRE",
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Cloud Pak for Multicloud Management",
"version" : {
"version_data" : [
{
"version_value" : "2.1"
},
{
"version_value" : "2.2"
},
{
"version_value" : "2.0"
}
]
}
}
]
}
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"UI" : "N",
"AV" : "L",
"I" : "N",
"AC" : "L",
"A" : "N",
"C" : "L",
"PR" : "N",
"SCORE" : "4.000"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
}
}

105
2021/20xxx/CVE-2021-20374.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20374",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "H",
"RL" : "O"
},
"BM" : {
"UI" : "N",
"S" : "U",
"AV" : "N",
"I" : "L",
"PR" : "N",
"C" : "L",
"A" : "N",
"AC" : "L",
"SCORE" : "6.500"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "7.6.0"
},
{
"version_value" : "7.6.1"
}
]
},
"product_name" : "Maximo Asset Management"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"data_version" : "4.0",
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"value" : "IBM Maximo Asset Management 7.6.0 and 7.6.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195522.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-05-18T00:00:00",
"ID" : "CVE-2021-20374",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6454205",
"title" : "IBM Security Bulletin 6454205 (Maximo Asset Management)",
"name" : "https://www.ibm.com/support/pages/node/6454205",
"refsource" : "CONFIRM"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/195522",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-maximo-cve202120374-xss (195522)",
"refsource" : "XF"
}
]
}
}

102
2021/20xxx/CVE-2021-20528.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20528",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_version" : "4.0",
"data_format" : "MITRE",
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Cross-Site Scripting"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "R",
"S" : "C",
"AV" : "N",
"I" : "L",
"C" : "L",
"PR" : "L",
"A" : "N",
"AC" : "L",
"SCORE" : "5.400"
},
"TM" : {
"RL" : "O",
"E" : "H",
"RC" : "C"
}
}
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Control Center",
"version" : {
"version_data" : [
{
"version_value" : "6.2.0.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6454215 (Control Center)",
"url" : "https://www.ibm.com/support/pages/node/6454215",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6454215"
},
{
"name" : "ibm-sterling-cve202120528-xss (198761)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198761",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Control Center 6.2.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198761."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-05-18T00:00:00",
"ID" : "CVE-2021-20528",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
}
}

102
2021/20xxx/CVE-2021-20529.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20529",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_format" : "MITRE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "Control Center",
"version" : {
"version_data" : [
{
"version_value" : "6.2.0.0"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"UI" : "N",
"S" : "U",
"I" : "N",
"AV" : "N",
"C" : "L",
"PR" : "N",
"AC" : "L",
"A" : "N",
"SCORE" : "5.300"
}
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6454209 (Control Center)",
"url" : "https://www.ibm.com/support/pages/node/6454209",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6454209"
},
{
"name" : "ibm-sterling-cve202120529-info-disc (198763)",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198763",
"title" : "X-Force Vulnerability Report"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Control Center 6.2.0.0 could allow a user to obtain sensitive version information that could be used in further attacks against the system. IBM X-Force ID: 198763."
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-05-18T00:00:00",
"ID" : "CVE-2021-20529",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
}
}