Auto-merge PR#3846

2025-08-04 08:44:25 +00:00 · 2021-12-22 11:50:16 -05:00 · 2021-12-22 11:50:16 -05:00 · e51d7cd40c
commit e51d7cd40c
parent 5c88084ea6 c9bb9ebee5
1 changed files with 93 additions and 15 deletions
--- a/2021/39xxx/CVE-2021-39013.json
+++ b/2021/39xxx/CVE-2021-39013.json
@ -1,18 +1,96 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
-    "CVE_data_meta": {
-        "ID": "CVE-2021-39013",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
-    },
-    "description": {
-        "description_data": [
+   "data_format" : "MITRE",
+   "references" : {
+      "reference_data" : [
+         {
+            "title" : "IBM Security Bulletin 6529200 (Cloud Pak for Security)",
+            "name" : "https://www.ibm.com/support/pages/node/6529200",
+            "url" : "https://www.ibm.com/support/pages/node/6529200",
+            "refsource" : "CONFIRM"
+         },
+         {
+            "title" : "X-Force Vulnerability Report",
+            "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/213651",
+            "name" : "ibm-cp4s-cve202139013-info-disc (213651)",
+            "refsource" : "XF"
+         }
+      ]
+   },
+   "data_version" : "4.0",
+   "impact" : {
+      "cvssv3" : {
+         "TM" : {
+            "RC" : "C",
+            "RL" : "O",
+            "E" : "U"
+         },
+         "BM" : {
+            "S" : "U",
+            "AV" : "N",
+            "A" : "N",
+            "SCORE" : "4.300",
+            "UI" : "N",
+            "AC" : "L",
+            "PR" : "L",
+            "I" : "N",
+            "C" : "L"
+         }
+      }
+   },
+   "CVE_data_meta" : {
+      "DATE_PUBLIC" : "2021-12-21T00:00:00",
+      "STATE" : "PUBLIC",
+      "ID" : "CVE-2021-39013",
+      "ASSIGNER" : "psirt@us.ibm.com"
+   },
+   "data_type" : "CVE",
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "Obtain Information"
+               }
+            ]
+         }
+      ]
+   },
+   "description" : {
+      "description_data" : [
+         {
+            "value" : "IBM Cloud Pak for Security (CP4S) 1.7.2.0, 1.7.1.0, and 1.7.0.0 could allow an authenticated user to obtain sensitive information in HTTP responses that could be used in further attacks against the system.  IBM X-Force ID:  213651.",
+            "lang" : "eng"
+         }
+      ]
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
            {
-                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+               "product" : {
+                  "product_data" : [
+                     {
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "1.7.0.0"
+                              },
+                              {
+                                 "version_value" : "1.7.1.0"
+                              },
+                              {
+                                 "version_value" : "1.7.2.0"
+                              }
+                           ]
+                        },
+                        "product_name" : "Cloud Pak for Security"
+                     }
+                  ]
+               },
+               "vendor_name" : "IBM"
            }
-        ]
-    }
-}
+         ]
+      }
+   }
+}