From 60b4cbf6cddb1566d1907e41ce70e74a28fb5936 Mon Sep 17 00:00:00 2001 From: unknown Date: Fri, 9 Jul 2021 12:14:46 +0800 Subject: [PATCH 01/26] Update TWCERT/CC CVE-2021-32537 --- 2021/32xxx/CVE-2021-32537.json | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/2021/32xxx/CVE-2021-32537.json b/2021/32xxx/CVE-2021-32537.json index 2131ab17fe0..6a2aa78395d 100644 --- a/2021/32xxx/CVE-2021-32537.json +++ b/2021/32xxx/CVE-2021-32537.json @@ -2,7 +2,7 @@ "CVE_data_meta": { "AKA": "TWCERT/CC", "ASSIGNER": "cve@cert.org.tw", - "DATE_PUBLIC": "2021-06-21T02:49:00.000Z", + "DATE_PUBLIC": "2021-06-21T07:11:00.000Z", "ID": "CVE-2021-32537", "STATE": "PUBLIC", "TITLE": "Realtek High definition audio Windows driver crashed" @@ -32,6 +32,12 @@ ] } }, + "credit": [ + { + "lang": "eng", + "value": "Realtek" + } + ], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", @@ -39,7 +45,7 @@ "description_data": [ { "lang": "eng", - "value": "Realtek HAD contains a driver crashed vulnerability which allows local side attackers to send a special string to the kernel driver in a user’s mode. Due to unexpected commands, the kernel driver will cause the system crashed.\nA vulnerability in ____COMPONENT____ of Realtek HDA driver allows ____ATTACKER/ATTACK____ to cause ____IMPACT____.\nThis issue affects:\nRealtek HDA driver\n8155 version 9150 and prior versions." + "value": "Realtek HAD contains a driver crashed vulnerability which allows local side attackers to send a special string to the kernel driver in a user’s mode. Due to unexpected commands, the kernel driver will cause the system crashed." } ] }, @@ -85,7 +91,7 @@ "solution": [ { "lang": "eng", - "value": "Update Realtek HDA driver version to 9152." + "value": "Update Realtek HDA driver version to 9152" } ], "source": { From c89ed453a71ac38cd245b4461e950c429b7289c7 Mon Sep 17 00:00:00 2001 From: Scott Moore - IBM Date: Thu, 15 Jul 2021 13:10:11 -0400 Subject: [PATCH 02/26] IBM20210715-131011 Added CVE-2021-20523, CVE-2021-29742, CVE-2021-20498, CVE-2021-20496, CVE-2021-20499, CVE-2021-20533, CVE-2021-20510, CVE-2021-20534, CVE-2021-20500, CVE-2021-20511, CVE-2021-20497, CVE-2021-20524, CVE-2021-20537, CVE-2021-29699 --- 2021/20xxx/CVE-2021-20496.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20497.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20498.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20499.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20500.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20510.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20511.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20523.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20524.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20533.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20534.json | 102 ++++++++++++++++++++++++++++----- 2021/20xxx/CVE-2021-20537.json | 102 ++++++++++++++++++++++++++++----- 2021/29xxx/CVE-2021-29699.json | 102 ++++++++++++++++++++++++++++----- 2021/29xxx/CVE-2021-29742.json | 102 ++++++++++++++++++++++++++++----- 14 files changed, 1218 insertions(+), 210 deletions(-) diff --git a/2021/20xxx/CVE-2021-20496.json b/2021/20xxx/CVE-2021-20496.json index 3a4668cb330..9fbe4471143 100644 --- a/2021/20xxx/CVE-2021-20496.json +++ b/2021/20xxx/CVE-2021-20496.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20496", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_type" : "CVE", + "CVE_data_meta" : { + "ID" : "CVE-2021-20496", + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC" + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Bypass Security" + } + ] + } + ] + }, + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + }, + "product_name" : "Security Verify Access Docker" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Security Verify Access Docker 10.0.0 could allow an authenticated user to bypass input due to improper input validation. IBM X-Force ID: 197966." + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "S" : "U", + "I" : "L", + "SCORE" : "2.700", + "UI" : "N", + "C" : "N", + "PR" : "H", + "AV" : "N", + "A" : "N", + "AC" : "L" + }, + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + } + } + }, + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "refsource" : "CONFIRM" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197966", + "refsource" : "XF", + "name" : "ibm-sam-cve202120496-sec-bypass (197966)", + "title" : "X-Force Vulnerability Report" + } + ] + } +} diff --git a/2021/20xxx/CVE-2021-20497.json b/2021/20xxx/CVE-2021-20497.json index f541742556a..1f8d79ad2ed 100644 --- a/2021/20xxx/CVE-2021-20497.json +++ b/2021/20xxx/CVE-2021-20497.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20497", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "url" : "https://www.ibm.com/support/pages/node/6471895" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197969", + "refsource" : "XF", + "name" : "ibm-sam-cve202120497-info-disc (197969)", + "title" : "X-Force Vulnerability Report" + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "PR" : "N", + "C" : "H", + "SCORE" : "5.900", + "UI" : "N", + "I" : "N", + "S" : "U", + "AC" : "H", + "AV" : "N", + "A" : "N" + }, + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + } + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197969", + "lang" : "eng" + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "Security Verify Access Docker", + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Obtain Information", + "lang" : "eng" + } + ] + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2021-20497", + "DATE_PUBLIC" : "2021-07-13T00:00:00" + }, + "data_format" : "MITRE" +} diff --git a/2021/20xxx/CVE-2021-20498.json b/2021/20xxx/CVE-2021-20498.json index 739da80c3f1..76eb9d8c57d 100644 --- a/2021/20xxx/CVE-2021-20498.json +++ b/2021/20xxx/CVE-2021-20498.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20498", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "CVE_data_meta" : { + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ID" : "CVE-2021-20498" + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + }, + "product_name" : "Security Verify Access Docker" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "impact" : { + "cvssv3" : { + "BM" : { + "PR" : "N", + "SCORE" : "5.300", + "C" : "L", + "UI" : "N", + "S" : "U", + "I" : "N", + "AV" : "N", + "A" : "N", + "AC" : "L" + }, + "TM" : { + "RC" : "C", + "E" : "U", + "RL" : "O" + } + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Security Verify Access Docker 10.0.0 reveals version information in HTTP requets that could be used in further attacks against the system. IBM X-Force ID: 197972." + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "refsource" : "CONFIRM" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "name" : "ibm-sam-cve202120498-info-disc (197972)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197972" + } + ] + }, + "data_version" : "4.0" +} diff --git a/2021/20xxx/CVE-2021-20499.json b/2021/20xxx/CVE-2021-20499.json index 40e406aa11a..744fb155af4 100644 --- a/2021/20xxx/CVE-2021-20499.json +++ b/2021/20xxx/CVE-2021-20499.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20499", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name" : "https://www.ibm.com/support/pages/node/6471895" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197973", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "name" : "ibm-sam-cve202120499-info-disc (197973)" + } + ] + }, + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197973" + } + ] + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + }, + "BM" : { + "A" : "N", + "AV" : "N", + "AC" : "L", + "S" : "U", + "I" : "N", + "SCORE" : "2.700", + "C" : "L", + "UI" : "N", + "PR" : "H" + } + } + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "Security Verify Access Docker", + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "data_format" : "MITRE", + "CVE_data_meta" : { + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ID" : "CVE-2021-20499", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "data_type" : "CVE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Obtain Information", + "lang" : "eng" + } + ] + } + ] + } +} diff --git a/2021/20xxx/CVE-2021-20500.json b/2021/20xxx/CVE-2021-20500.json index de68dea0ae0..bb231aadfc3 100644 --- a/2021/20xxx/CVE-2021-20500.json +++ b/2021/20xxx/CVE-2021-20500.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20500", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "CVE_data_meta" : { + "ID" : "CVE-2021-20500", + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + }, + "product_name" : "Security Verify Access Docker" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "impact" : { + "cvssv3" : { + "BM" : { + "AC" : "L", + "A" : "N", + "AV" : "L", + "S" : "U", + "I" : "N", + "PR" : "H", + "C" : "H", + "SCORE" : "4.400", + "UI" : "N" + }, + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + } + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local privileged user. IBM X-Force ID: 197980.", + "lang" : "eng" + } + ] + }, + "references" : { + "reference_data" : [ + { + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "refsource" : "CONFIRM", + "url" : "https://www.ibm.com/support/pages/node/6471895" + }, + { + "refsource" : "XF", + "name" : "ibm-sam-cve202120500-info-disc (197980)", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197980" + } + ] + }, + "data_version" : "4.0" +} diff --git a/2021/20xxx/CVE-2021-20510.json b/2021/20xxx/CVE-2021-20510.json index 4cd5fdffe0f..9f1294f0a51 100644 --- a/2021/20xxx/CVE-2021-20510.json +++ b/2021/20xxx/CVE-2021-20510.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20510", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "Security Verify Access Docker", + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Obtain Information", + "lang" : "eng" + } + ] + } + ] + }, + "CVE_data_meta" : { + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ID" : "CVE-2021-20510" + }, + "data_type" : "CVE", + "data_format" : "MITRE", + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "refsource" : "CONFIRM" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "name" : "ibm-sam-cve202120510-info-disc (198299)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198299" + } + ] + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RL" : "O", + "E" : "U", + "RC" : "C" + }, + "BM" : { + "I" : "N", + "S" : "C", + "SCORE" : "6.800", + "C" : "H", + "UI" : "N", + "PR" : "H", + "A" : "N", + "AV" : "N", + "AC" : "L" + } + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 198299", + "lang" : "eng" + } + ] + } +} diff --git a/2021/20xxx/CVE-2021-20511.json b/2021/20xxx/CVE-2021-20511.json index 449b8100faf..e5281c70aa7 100644 --- a/2021/20xxx/CVE-2021-20511.json +++ b/2021/20xxx/CVE-2021-20511.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20511", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "Security Verify Access Docker", + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ID" : "CVE-2021-20511" + }, + "data_format" : "MITRE", + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "refsource" : "CONFIRM" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198300", + "refsource" : "XF", + "name" : "ibm-sam-cve202120511-info-disc (198300)", + "title" : "X-Force Vulnerability Report" + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "AC" : "L", + "A" : "N", + "AV" : "A", + "PR" : "H", + "SCORE" : "5.200", + "UI" : "N", + "C" : "H", + "S" : "U", + "I" : "L" + }, + "TM" : { + "RC" : "C", + "E" : "U", + "RL" : "O" + } + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 198300.", + "lang" : "eng" + } + ] + } +} diff --git a/2021/20xxx/CVE-2021-20523.json b/2021/20xxx/CVE-2021-20523.json index 923a7133774..8eb4968727d 100644 --- a/2021/20xxx/CVE-2021-20523.json +++ b/2021/20xxx/CVE-2021-20523.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20523", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "BM" : { + "S" : "U", + "I" : "N", + "SCORE" : "2.700", + "C" : "L", + "UI" : "N", + "PR" : "H", + "A" : "N", + "AV" : "N", + "AC" : "L" + }, + "TM" : { + "RL" : "O", + "E" : "U", + "RC" : "C" + } + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 198660", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "url" : "https://www.ibm.com/support/pages/node/6471895" + }, + { + "title" : "X-Force Vulnerability Report", + "name" : "ibm-sam-cve202120523-info-disc (198660)", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198660" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "CVE_data_meta" : { + "ID" : "CVE-2021-20523", + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC" + }, + "data_type" : "CVE", + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "Security Verify Access Docker", + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + } +} diff --git a/2021/20xxx/CVE-2021-20524.json b/2021/20xxx/CVE-2021-20524.json index aa507efcb94..5d458656b15 100644 --- a/2021/20xxx/CVE-2021-20524.json +++ b/2021/20xxx/CVE-2021-20524.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20524", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "refsource" : "CONFIRM" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198661", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "name" : "ibm-sam-cve202120524-xss (198661)" + } + ] + }, + "data_version" : "4.0", + "impact" : { + "cvssv3" : { + "BM" : { + "UI" : "R", + "SCORE" : "4.800", + "C" : "L", + "PR" : "H", + "I" : "L", + "S" : "C", + "AV" : "N", + "A" : "N", + "AC" : "L" + }, + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + } + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Security Verify Access Docker 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198661." + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + }, + "product_name" : "Security Verify Access Docker" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "data_format" : "MITRE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Cross-Site Scripting" + } + ] + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ID" : "CVE-2021-20524" + } +} diff --git a/2021/20xxx/CVE-2021-20533.json b/2021/20xxx/CVE-2021-20533.json index 6b28ec6290b..c084deba0d6 100644 --- a/2021/20xxx/CVE-2021-20533.json +++ b/2021/20xxx/CVE-2021-20533.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20533", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "data_type" : "CVE", + "CVE_data_meta" : { + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "ID" : "CVE-2021-20533", + "DATE_PUBLIC" : "2021-07-13T00:00:00" + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Privileges" + } + ] + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + }, + "product_name" : "Security Verify Access Docker" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 198813" + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "I" : "H", + "S" : "C", + "SCORE" : "8.400", + "UI" : "N", + "C" : "H", + "PR" : "H", + "A" : "H", + "AV" : "A", + "AC" : "L" + }, + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + } + } + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "refsource" : "CONFIRM" + }, + { + "name" : "ibm-sam-cve202120533-command-injection (198813)", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198813" + } + ] + }, + "data_version" : "4.0" +} diff --git a/2021/20xxx/CVE-2021-20534.json b/2021/20xxx/CVE-2021-20534.json index b0d37245afd..2bbe0b1dacb 100644 --- a/2021/20xxx/CVE-2021-20534.json +++ b/2021/20xxx/CVE-2021-20534.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20534", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name" : "https://www.ibm.com/support/pages/node/6471895" + }, + { + "name" : "ibm-sam-cve202120534-open-redirect (198814)", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198814" + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "I" : "H", + "S" : "U", + "PR" : "H", + "SCORE" : "4.500", + "UI" : "R", + "C" : "N", + "AV" : "N", + "A" : "N", + "AC" : "L" + }, + "TM" : { + "RC" : "C", + "E" : "U", + "RL" : "O" + } + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 198814", + "lang" : "eng" + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "Security Verify Access Docker", + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Access", + "lang" : "eng" + } + ] + } + ] + }, + "CVE_data_meta" : { + "ID" : "CVE-2021-20534", + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC" + }, + "data_type" : "CVE", + "data_format" : "MITRE" +} diff --git a/2021/20xxx/CVE-2021-20537.json b/2021/20xxx/CVE-2021-20537.json index 37349a6b80f..4d6b1798a3e 100644 --- a/2021/20xxx/CVE-2021-20537.json +++ b/2021/20xxx/CVE-2021-20537.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-20537", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ID" : "CVE-2021-20537" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + }, + "product_name" : "Security Verify Access Docker" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "impact" : { + "cvssv3" : { + "BM" : { + "AC" : "L", + "AV" : "N", + "A" : "N", + "C" : "H", + "SCORE" : "6.500", + "UI" : "N", + "PR" : "L", + "I" : "N", + "S" : "U" + }, + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + } + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID:198918" + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "refsource" : "CONFIRM" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198918", + "title" : "X-Force Vulnerability Report", + "name" : "ibm-sam-cve202120537-infor-disc (198918)", + "refsource" : "XF" + } + ] + }, + "data_version" : "4.0" +} diff --git a/2021/29xxx/CVE-2021-29699.json b/2021/29xxx/CVE-2021-29699.json index 97145378455..793b655ea67 100644 --- a/2021/29xxx/CVE-2021-29699.json +++ b/2021/29xxx/CVE-2021-29699.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-29699", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Access" + } + ] + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "DATE_PUBLIC" : "2021-07-13T00:00:00", + "ID" : "CVE-2021-29699", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC" + }, + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "Security Verify Access Docker", + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RC" : "C", + "E" : "U", + "RL" : "O" + }, + "BM" : { + "AV" : "A", + "A" : "H", + "AC" : "L", + "S" : "U", + "I" : "H", + "C" : "H", + "SCORE" : "6.600", + "UI" : "R", + "PR" : "H" + } + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote priviled user to upload arbitrary files with a dangerous file type that could be excuted by an user. IBM X-Force ID: 200600." + } + ] + }, + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/200600", + "refsource" : "XF", + "name" : "ibm-sam-cve202129699-file-upload (200600)", + "title" : "X-Force Vulnerability Report" + } + ] + } +} diff --git a/2021/29xxx/CVE-2021-29742.json b/2021/29xxx/CVE-2021-29742.json index e676c4530f1..ea52843c277 100644 --- a/2021/29xxx/CVE-2021-29742.json +++ b/2021/29xxx/CVE-2021-29742.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-29742", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "TM" : { + "RL" : "O", + "E" : "U", + "RC" : "C" + }, + "BM" : { + "PR" : "N", + "SCORE" : "7.900", + "UI" : "R", + "C" : "H", + "S" : "C", + "I" : "H", + "AV" : "A", + "A" : "H", + "AC" : "H" + } + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Security Verify Access Docker 10.0.0 could allow a user to impersonate another user on the system. IBM X-Force ID: 201483.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6471895", + "name" : "https://www.ibm.com/support/pages/node/6471895", + "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "refsource" : "CONFIRM" + }, + { + "refsource" : "XF", + "name" : "ibm-sam-cve202129742-session-fixation (201483)", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/201483" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Access" + } + ] + } + ] + }, + "data_type" : "CVE", + "CVE_data_meta" : { + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "ID" : "CVE-2021-29742", + "DATE_PUBLIC" : "2021-07-13T00:00:00" + }, + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "Security Verify Access Docker", + "version" : { + "version_data" : [ + { + "version_value" : "10.0.0" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + } +} From f8ab5644d38dad17ef522d1dadfde03eb745df6e Mon Sep 17 00:00:00 2001 From: zdi-team Date: Thu, 15 Jul 2021 12:33:49 -0500 Subject: [PATCH 03/26] ZDI assigns the following CVEs: M CVE-2021-34827.json M CVE-2021-34828.json M CVE-2021-34829.json M CVE-2021-34830.json --- 2021/34xxx/CVE-2021-34827.json | 81 +++++++++++++++++++++++++++------- 2021/34xxx/CVE-2021-34828.json | 81 +++++++++++++++++++++++++++------- 2021/34xxx/CVE-2021-34829.json | 81 +++++++++++++++++++++++++++------- 2021/34xxx/CVE-2021-34830.json | 81 +++++++++++++++++++++++++++------- 4 files changed, 260 insertions(+), 64 deletions(-) diff --git a/2021/34xxx/CVE-2021-34827.json b/2021/34xxx/CVE-2021-34827.json index cfa9e834b8a..4c9293c0346 100644 --- a/2021/34xxx/CVE-2021-34827.json +++ b/2021/34xxx/CVE-2021-34827.json @@ -1,18 +1,67 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-34827", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-34827", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DAP-1330", + "version": { + "version_data": [ + { + "version_value": "1.13B01 BETA" + } + ] + } + } + ] + }, + "vendor_name": "D-Link" + } + ] } -} \ No newline at end of file + }, + "credit": "phieulang", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device.\n Was ZDI-CAN-12029." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121: Stack-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-679/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } + } +} diff --git a/2021/34xxx/CVE-2021-34828.json b/2021/34xxx/CVE-2021-34828.json index 3a3c897968d..d91744c4a98 100644 --- a/2021/34xxx/CVE-2021-34828.json +++ b/2021/34xxx/CVE-2021-34828.json @@ -1,18 +1,67 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-34828", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-34828", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DAP-1330", + "version": { + "version_data": [ + { + "version_value": "1.13B01 BETA" + } + ] + } + } + ] + }, + "vendor_name": "D-Link" + } + ] } -} \ No newline at end of file + }, + "credit": "chung96vn of Vietnam National Cyber Security Center (NCSC Vietnam)", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12066." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-680/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } + } +} diff --git a/2021/34xxx/CVE-2021-34829.json b/2021/34xxx/CVE-2021-34829.json index b52f7ab2249..72777bb4972 100644 --- a/2021/34xxx/CVE-2021-34829.json +++ b/2021/34xxx/CVE-2021-34829.json @@ -1,18 +1,67 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-34829", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-34829", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DAP-1330", + "version": { + "version_data": [ + { + "version_value": "1.13B01 BETA" + } + ] + } + } + ] + }, + "vendor_name": "D-Link" + } + ] } -} \ No newline at end of file + }, + "credit": "phieulang", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the HNAP_AUTH HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12065." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-681/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } + } +} diff --git a/2021/34xxx/CVE-2021-34830.json b/2021/34xxx/CVE-2021-34830.json index 55277ca80c1..b4dfdd5837a 100644 --- a/2021/34xxx/CVE-2021-34830.json +++ b/2021/34xxx/CVE-2021-34830.json @@ -1,18 +1,67 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-34830", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-34830", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DAP-1330", + "version": { + "version_data": [ + { + "version_value": "1.13B01 BETA" + } + ] + } + } + ] + }, + "vendor_name": "D-Link" + } + ] } -} \ No newline at end of file + }, + "credit": "chung96vn of Vietnam National Cyber Security Center (NCSC Vietnam)", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the Cookie HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. \n Was ZDI-CAN-12028." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121: Stack-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-682/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } + } +} From 5cb9fe44522b8327fe7915504ddb272b0467ef46 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 15 Jul 2021 18:00:55 +0000 Subject: [PATCH 04/26] "-Synchronized-Data." --- 2020/11xxx/CVE-2020-11633.json | 50 +++++++++- 2021/20xxx/CVE-2021-20496.json | 174 ++++++++++++++++---------------- 2021/20xxx/CVE-2021-20497.json | 172 ++++++++++++++++---------------- 2021/20xxx/CVE-2021-20498.json | 174 ++++++++++++++++---------------- 2021/20xxx/CVE-2021-20499.json | 172 ++++++++++++++++---------------- 2021/20xxx/CVE-2021-20500.json | 174 ++++++++++++++++---------------- 2021/20xxx/CVE-2021-20510.json | 176 ++++++++++++++++----------------- 2021/20xxx/CVE-2021-20511.json | 176 ++++++++++++++++----------------- 2021/20xxx/CVE-2021-20523.json | 176 ++++++++++++++++----------------- 2021/20xxx/CVE-2021-20524.json | 172 ++++++++++++++++---------------- 2021/20xxx/CVE-2021-20533.json | 174 ++++++++++++++++---------------- 2021/20xxx/CVE-2021-20534.json | 172 ++++++++++++++++---------------- 2021/20xxx/CVE-2021-20537.json | 174 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29699.json | 174 ++++++++++++++++---------------- 2021/29xxx/CVE-2021-29742.json | 176 ++++++++++++++++----------------- 2021/34xxx/CVE-2021-34827.json | 124 +++++++++++------------ 2021/34xxx/CVE-2021-34828.json | 124 +++++++++++------------ 2021/34xxx/CVE-2021-34829.json | 124 +++++++++++------------ 2021/34xxx/CVE-2021-34830.json | 124 +++++++++++------------ 19 files changed, 1517 insertions(+), 1465 deletions(-) diff --git a/2020/11xxx/CVE-2020-11633.json b/2020/11xxx/CVE-2020-11633.json index 6358c33a1c0..882dd59f6b5 100644 --- a/2020/11xxx/CVE-2020-11633.json +++ b/2020/11xxx/CVE-2020-11633.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-11633", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@zscaler.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.81", + "url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.81" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Zscaler Client Connector for Windows prior to 2.1.2.74 had a stack based buffer overflow when connecting to misconfigured TLS servers. An adversary would potentially have been able to execute arbitrary code with system privileges." } ] } diff --git a/2021/20xxx/CVE-2021-20496.json b/2021/20xxx/CVE-2021-20496.json index 9fbe4471143..ce31cdd506a 100644 --- a/2021/20xxx/CVE-2021-20496.json +++ b/2021/20xxx/CVE-2021-20496.json @@ -1,90 +1,90 @@ { - "data_type" : "CVE", - "CVE_data_meta" : { - "ID" : "CVE-2021-20496", - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC" - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Bypass Security" - } - ] - } - ] - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_type": "CVE", + "CVE_data_meta": { + "ID": "CVE-2021-20496", + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + }, + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - }, - "product_name" : "Security Verify Access Docker" - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "lang": "eng", + "value": "Bypass Security" + } + ] } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Verify Access Docker 10.0.0 could allow an authenticated user to bypass input due to improper input validation. IBM X-Force ID: 197966." - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "S" : "U", - "I" : "L", - "SCORE" : "2.700", - "UI" : "N", - "C" : "N", - "PR" : "H", - "AV" : "N", - "A" : "N", - "AC" : "L" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "refsource" : "CONFIRM" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197966", - "refsource" : "XF", - "name" : "ibm-sam-cve202120496-sec-bypass (197966)", - "title" : "X-Force Vulnerability Report" - } - ] - } -} + ] + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + }, + "product_name": "Security Verify Access Docker" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Verify Access Docker 10.0.0 could allow an authenticated user to bypass input due to improper input validation. IBM X-Force ID: 197966." + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "S": "U", + "I": "L", + "SCORE": "2.700", + "UI": "N", + "C": "N", + "PR": "H", + "AV": "N", + "A": "N", + "AC": "L" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6471895", + "name": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "refsource": "CONFIRM" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/197966", + "refsource": "XF", + "name": "ibm-sam-cve202120496-sec-bypass (197966)", + "title": "X-Force Vulnerability Report" + } + ] + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20497.json b/2021/20xxx/CVE-2021-20497.json index 1f8d79ad2ed..c98dd4b23dc 100644 --- a/2021/20xxx/CVE-2021-20497.json +++ b/2021/20xxx/CVE-2021-20497.json @@ -1,90 +1,90 @@ { - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "url" : "https://www.ibm.com/support/pages/node/6471895" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197969", - "refsource" : "XF", - "name" : "ibm-sam-cve202120497-info-disc (197969)", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "PR" : "N", - "C" : "H", - "SCORE" : "5.900", - "UI" : "N", - "I" : "N", - "S" : "U", - "AC" : "H", - "AV" : "N", - "A" : "N" - }, - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - } - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197969", - "lang" : "eng" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_version": "4.0", + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "product_name" : "Security Verify Access Docker", - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "refsource": "CONFIRM", + "name": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "url": "https://www.ibm.com/support/pages/node/6471895" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/197969", + "refsource": "XF", + "name": "ibm-sam-cve202120497-info-disc (197969)", + "title": "X-Force Vulnerability Report" } - ] - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "PR": "N", + "C": "H", + "SCORE": "5.900", + "UI": "N", + "I": "N", + "S": "U", + "AC": "H", + "AV": "N", + "A": "N" + }, + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + } + } + }, + "description": { + "description_data": [ + { + "value": "IBM Security Verify Access Docker 10.0.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 197969", + "lang": "eng" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Docker", + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "ID" : "CVE-2021-20497", - "DATE_PUBLIC" : "2021-07-13T00:00:00" - }, - "data_format" : "MITRE" -} + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + }, + "data_type": "CVE", + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "ID": "CVE-2021-20497", + "DATE_PUBLIC": "2021-07-13T00:00:00" + }, + "data_format": "MITRE" +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20498.json b/2021/20xxx/CVE-2021-20498.json index 76eb9d8c57d..884f19985c5 100644 --- a/2021/20xxx/CVE-2021-20498.json +++ b/2021/20xxx/CVE-2021-20498.json @@ -1,90 +1,90 @@ { - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ID" : "CVE-2021-20498" - }, - "data_type" : "CVE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - }, - "product_name" : "Security Verify Access Docker" - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] } - ] - } - }, - "impact" : { - "cvssv3" : { - "BM" : { - "PR" : "N", - "SCORE" : "5.300", - "C" : "L", - "UI" : "N", - "S" : "U", - "I" : "N", - "AV" : "N", - "A" : "N", - "AC" : "L" - }, - "TM" : { - "RC" : "C", - "E" : "U", - "RL" : "O" - } - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Verify Access Docker 10.0.0 reveals version information in HTTP requets that could be used in further attacks against the system. IBM X-Force ID: 197972." - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "refsource" : "CONFIRM" - }, - { - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-sam-cve202120498-info-disc (197972)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197972" - } - ] - }, - "data_version" : "4.0" -} + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ID": "CVE-2021-20498" + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + }, + "product_name": "Security Verify Access Docker" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "impact": { + "cvssv3": { + "BM": { + "PR": "N", + "SCORE": "5.300", + "C": "L", + "UI": "N", + "S": "U", + "I": "N", + "AV": "N", + "A": "N", + "AC": "L" + }, + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + } + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Verify Access Docker 10.0.0 reveals version information in HTTP requets that could be used in further attacks against the system. IBM X-Force ID: 197972." + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name": "https://www.ibm.com/support/pages/node/6471895", + "refsource": "CONFIRM" + }, + { + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-sam-cve202120498-info-disc (197972)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/197972" + } + ] + }, + "data_version": "4.0" +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20499.json b/2021/20xxx/CVE-2021-20499.json index 744fb155af4..e5f564d6208 100644 --- a/2021/20xxx/CVE-2021-20499.json +++ b/2021/20xxx/CVE-2021-20499.json @@ -1,90 +1,90 @@ { - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "name" : "https://www.ibm.com/support/pages/node/6471895" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197973", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-sam-cve202120499-info-disc (197973)" - } - ] - }, - "data_version" : "4.0", - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197973" - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - }, - "BM" : { - "A" : "N", - "AV" : "N", - "AC" : "L", - "S" : "U", - "I" : "N", - "SCORE" : "2.700", - "C" : "L", - "UI" : "N", - "PR" : "H" - } - } - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Security Verify Access Docker", - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - } - } - ] - } + "url": "https://www.ibm.com/support/pages/node/6471895", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name": "https://www.ibm.com/support/pages/node/6471895" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/197973", + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-sam-cve202120499-info-disc (197973)" } - ] - } - }, - "data_format" : "MITRE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ID" : "CVE-2021-20499", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } + ] + }, + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 197973" + } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + }, + "BM": { + "A": "N", + "AV": "N", + "AC": "L", + "S": "U", + "I": "N", + "SCORE": "2.700", + "C": "L", + "UI": "N", + "PR": "H" + } + } + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Docker", + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + } + } + ] + } + } ] - } - ] - } -} + } + }, + "data_format": "MITRE", + "CVE_data_meta": { + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ID": "CVE-2021-20499", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com" + }, + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20500.json b/2021/20xxx/CVE-2021-20500.json index bb231aadfc3..c5e1133a7b3 100644 --- a/2021/20xxx/CVE-2021-20500.json +++ b/2021/20xxx/CVE-2021-20500.json @@ -1,90 +1,90 @@ { - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "CVE_data_meta" : { - "ID" : "CVE-2021-20500", - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "data_type" : "CVE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - }, - "product_name" : "Security Verify Access Docker" - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] } - ] - } - }, - "impact" : { - "cvssv3" : { - "BM" : { - "AC" : "L", - "A" : "N", - "AV" : "L", - "S" : "U", - "I" : "N", - "PR" : "H", - "C" : "H", - "SCORE" : "4.400", - "UI" : "N" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local privileged user. IBM X-Force ID: 197980.", - "lang" : "eng" - } - ] - }, - "references" : { - "reference_data" : [ - { - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "refsource" : "CONFIRM", - "url" : "https://www.ibm.com/support/pages/node/6471895" - }, - { - "refsource" : "XF", - "name" : "ibm-sam-cve202120500-info-disc (197980)", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/197980" - } - ] - }, - "data_version" : "4.0" -} + ] + }, + "CVE_data_meta": { + "ID": "CVE-2021-20500", + "DATE_PUBLIC": "2021-07-13T00:00:00", + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com" + }, + "data_type": "CVE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + }, + "product_name": "Security Verify Access Docker" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "impact": { + "cvssv3": { + "BM": { + "AC": "L", + "A": "N", + "AV": "L", + "S": "U", + "I": "N", + "PR": "H", + "C": "H", + "SCORE": "4.400", + "UI": "N" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "description": { + "description_data": [ + { + "value": "IBM Security Verify Access Docker 10.0.0 could reveal highly sensitive information to a local privileged user. IBM X-Force ID: 197980.", + "lang": "eng" + } + ] + }, + "references": { + "reference_data": [ + { + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name": "https://www.ibm.com/support/pages/node/6471895", + "refsource": "CONFIRM", + "url": "https://www.ibm.com/support/pages/node/6471895" + }, + { + "refsource": "XF", + "name": "ibm-sam-cve202120500-info-disc (197980)", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/197980" + } + ] + }, + "data_version": "4.0" +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20510.json b/2021/20xxx/CVE-2021-20510.json index 9f1294f0a51..a950fa4d22a 100644 --- a/2021/20xxx/CVE-2021-20510.json +++ b/2021/20xxx/CVE-2021-20510.json @@ -1,90 +1,90 @@ { - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Security Verify Access Docker", - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Docker", + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ID" : "CVE-2021-20510" - }, - "data_type" : "CVE", - "data_format" : "MITRE", - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "refsource" : "CONFIRM" - }, - { - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-sam-cve202120510-info-disc (198299)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198299" - } - ] - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "E" : "U", - "RC" : "C" - }, - "BM" : { - "I" : "N", - "S" : "C", - "SCORE" : "6.800", - "C" : "H", - "UI" : "N", - "PR" : "H", - "A" : "N", - "AV" : "N", - "AC" : "L" - } - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 198299", - "lang" : "eng" - } - ] - } -} + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ID": "CVE-2021-20510" + }, + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6471895", + "name": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "refsource": "CONFIRM" + }, + { + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-sam-cve202120510-info-disc (198299)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198299" + } + ] + }, + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "E": "U", + "RC": "C" + }, + "BM": { + "I": "N", + "S": "C", + "SCORE": "6.800", + "C": "H", + "UI": "N", + "PR": "H", + "A": "N", + "AV": "N", + "AC": "L" + } + } + }, + "description": { + "description_data": [ + { + "value": "IBM Security Verify Access Docker 10.0.0 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 198299", + "lang": "eng" + } + ] + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20511.json b/2021/20xxx/CVE-2021-20511.json index e5281c70aa7..54b0a7433e4 100644 --- a/2021/20xxx/CVE-2021-20511.json +++ b/2021/20xxx/CVE-2021-20511.json @@ -1,90 +1,90 @@ { - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Security Verify Access Docker", - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" - } - ] - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Docker", + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ID" : "CVE-2021-20511" - }, - "data_format" : "MITRE", - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "refsource" : "CONFIRM" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198300", - "refsource" : "XF", - "name" : "ibm-sam-cve202120511-info-disc (198300)", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "AC" : "L", - "A" : "N", - "AV" : "A", - "PR" : "H", - "SCORE" : "5.200", - "UI" : "N", - "C" : "H", - "S" : "U", - "I" : "L" - }, - "TM" : { - "RC" : "C", - "E" : "U", - "RL" : "O" - } - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 198300.", - "lang" : "eng" - } - ] - } -} + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "data_type": "CVE", + "CVE_data_meta": { + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ID": "CVE-2021-20511" + }, + "data_format": "MITRE", + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6471895", + "name": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "refsource": "CONFIRM" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198300", + "refsource": "XF", + "name": "ibm-sam-cve202120511-info-disc (198300)", + "title": "X-Force Vulnerability Report" + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "AC": "L", + "A": "N", + "AV": "A", + "PR": "H", + "SCORE": "5.200", + "UI": "N", + "C": "H", + "S": "U", + "I": "L" + }, + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + } + } + }, + "description": { + "description_data": [ + { + "value": "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 198300.", + "lang": "eng" + } + ] + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20523.json b/2021/20xxx/CVE-2021-20523.json index 8eb4968727d..fe2f5eee40a 100644 --- a/2021/20xxx/CVE-2021-20523.json +++ b/2021/20xxx/CVE-2021-20523.json @@ -1,90 +1,90 @@ { - "impact" : { - "cvssv3" : { - "BM" : { - "S" : "U", - "I" : "N", - "SCORE" : "2.700", - "C" : "L", - "UI" : "N", - "PR" : "H", - "A" : "N", - "AV" : "N", - "AC" : "L" - }, - "TM" : { - "RL" : "O", - "E" : "U", - "RC" : "C" - } - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 198660", - "lang" : "eng" - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "refsource" : "CONFIRM", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "url" : "https://www.ibm.com/support/pages/node/6471895" - }, - { - "title" : "X-Force Vulnerability Report", - "name" : "ibm-sam-cve202120523-info-disc (198660)", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198660" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "CVE_data_meta" : { - "ID" : "CVE-2021-20523", - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC" - }, - "data_type" : "CVE", - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Security Verify Access Docker", - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - } - } - ] - } + "impact": { + "cvssv3": { + "BM": { + "S": "U", + "I": "N", + "SCORE": "2.700", + "C": "L", + "UI": "N", + "PR": "H", + "A": "N", + "AV": "N", + "AC": "L" + }, + "TM": { + "RL": "O", + "E": "U", + "RC": "C" } - ] - } - } -} + } + }, + "description": { + "description_data": [ + { + "value": "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 198660", + "lang": "eng" + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "url": "https://www.ibm.com/support/pages/node/6471895" + }, + { + "title": "X-Force Vulnerability Report", + "name": "ibm-sam-cve202120523-info-disc (198660)", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198660" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] + } + ] + }, + "CVE_data_meta": { + "ID": "CVE-2021-20523", + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + }, + "data_type": "CVE", + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Docker", + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + } + } + ] + } + } + ] + } + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20524.json b/2021/20xxx/CVE-2021-20524.json index 5d458656b15..94455d289f5 100644 --- a/2021/20xxx/CVE-2021-20524.json +++ b/2021/20xxx/CVE-2021-20524.json @@ -1,90 +1,90 @@ { - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "refsource" : "CONFIRM" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198661", - "refsource" : "XF", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-sam-cve202120524-xss (198661)" - } - ] - }, - "data_version" : "4.0", - "impact" : { - "cvssv3" : { - "BM" : { - "UI" : "R", - "SCORE" : "4.800", - "C" : "L", - "PR" : "H", - "I" : "L", - "S" : "C", - "AV" : "N", - "A" : "N", - "AC" : "L" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Verify Access Docker 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198661." - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - }, - "product_name" : "Security Verify Access Docker" - } - ] - }, - "vendor_name" : "IBM" + "url": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name": "https://www.ibm.com/support/pages/node/6471895", + "refsource": "CONFIRM" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198661", + "refsource": "XF", + "title": "X-Force Vulnerability Report", + "name": "ibm-sam-cve202120524-xss (198661)" } - ] - } - }, - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Cross-Site Scripting" - } + ] + }, + "data_version": "4.0", + "impact": { + "cvssv3": { + "BM": { + "UI": "R", + "SCORE": "4.800", + "C": "L", + "PR": "H", + "I": "L", + "S": "C", + "AV": "N", + "A": "N", + "AC": "L" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Verify Access Docker 10.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 198661." + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + }, + "product_name": "Security Verify Access Docker" + } + ] + }, + "vendor_name": "IBM" + } ] - } - ] - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ID" : "CVE-2021-20524" - } -} + } + }, + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-Site Scripting" + } + ] + } + ] + }, + "data_type": "CVE", + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ID": "CVE-2021-20524" + } +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20533.json b/2021/20xxx/CVE-2021-20533.json index c084deba0d6..34361777673 100644 --- a/2021/20xxx/CVE-2021-20533.json +++ b/2021/20xxx/CVE-2021-20533.json @@ -1,90 +1,90 @@ { - "data_format" : "MITRE", - "data_type" : "CVE", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-20533", - "DATE_PUBLIC" : "2021-07-13T00:00:00" - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Privileges" - } - ] - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_format": "MITRE", + "data_type": "CVE", + "CVE_data_meta": { + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2021-20533", + "DATE_PUBLIC": "2021-07-13T00:00:00" + }, + "problemtype": { + "problemtype_data": [ { - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - }, - "product_name" : "Security Verify Access Docker" - } - ] - }, - "vendor_name" : "IBM" + "description": [ + { + "lang": "eng", + "value": "Gain Privileges" + } + ] } - ] - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 198813" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "I" : "H", - "S" : "C", - "SCORE" : "8.400", - "UI" : "N", - "C" : "H", - "PR" : "H", - "A" : "H", - "AV" : "A", - "AC" : "L" - }, - "TM" : { - "RC" : "C", - "RL" : "O", - "E" : "U" - } - } - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "refsource" : "CONFIRM" - }, - { - "name" : "ibm-sam-cve202120533-command-injection (198813)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198813" - } - ] - }, - "data_version" : "4.0" -} + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + }, + "product_name": "Security Verify Access Docker" + } + ] + }, + "vendor_name": "IBM" + } + ] + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Verify Access Docker 10.0.0 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 198813" + } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "I": "H", + "S": "C", + "SCORE": "8.400", + "UI": "N", + "C": "H", + "PR": "H", + "A": "H", + "AV": "A", + "AC": "L" + }, + "TM": { + "RC": "C", + "RL": "O", + "E": "U" + } + } + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name": "https://www.ibm.com/support/pages/node/6471895", + "refsource": "CONFIRM" + }, + { + "name": "ibm-sam-cve202120533-command-injection (198813)", + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198813" + } + ] + }, + "data_version": "4.0" +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20534.json b/2021/20xxx/CVE-2021-20534.json index 2bbe0b1dacb..902d1337430 100644 --- a/2021/20xxx/CVE-2021-20534.json +++ b/2021/20xxx/CVE-2021-20534.json @@ -1,90 +1,90 @@ { - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "name" : "https://www.ibm.com/support/pages/node/6471895" - }, - { - "name" : "ibm-sam-cve202120534-open-redirect (198814)", - "title" : "X-Force Vulnerability Report", - "refsource" : "XF", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198814" - } - ] - }, - "impact" : { - "cvssv3" : { - "BM" : { - "I" : "H", - "S" : "U", - "PR" : "H", - "SCORE" : "4.500", - "UI" : "R", - "C" : "N", - "AV" : "N", - "A" : "N", - "AC" : "L" - }, - "TM" : { - "RC" : "C", - "E" : "U", - "RL" : "O" - } - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 198814", - "lang" : "eng" - } - ] - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_version": "4.0", + "references": { + "reference_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Security Verify Access Docker", - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - } - } - ] - } + "url": "https://www.ibm.com/support/pages/node/6471895", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name": "https://www.ibm.com/support/pages/node/6471895" + }, + { + "name": "ibm-sam-cve202120534-open-redirect (198814)", + "title": "X-Force Vulnerability Report", + "refsource": "XF", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198814" } - ] - } - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Gain Access", - "lang" : "eng" - } + ] + }, + "impact": { + "cvssv3": { + "BM": { + "I": "H", + "S": "U", + "PR": "H", + "SCORE": "4.500", + "UI": "R", + "C": "N", + "AV": "N", + "A": "N", + "AC": "L" + }, + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + } + } + }, + "description": { + "description_data": [ + { + "value": "IBM Security Verify Access Docker 10.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 198814", + "lang": "eng" + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Docker", + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + } + } + ] + } + } ] - } - ] - }, - "CVE_data_meta" : { - "ID" : "CVE-2021-20534", - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC" - }, - "data_type" : "CVE", - "data_format" : "MITRE" -} + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Gain Access", + "lang": "eng" + } + ] + } + ] + }, + "CVE_data_meta": { + "ID": "CVE-2021-20534", + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + }, + "data_type": "CVE", + "data_format": "MITRE" +} \ No newline at end of file diff --git a/2021/20xxx/CVE-2021-20537.json b/2021/20xxx/CVE-2021-20537.json index 4d6b1798a3e..f718cbc9c19 100644 --- a/2021/20xxx/CVE-2021-20537.json +++ b/2021/20xxx/CVE-2021-20537.json @@ -1,90 +1,90 @@ { - "data_format" : "MITRE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Obtain Information" - } - ] - } - ] - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC", - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ID" : "CVE-2021-20537" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "data_format": "MITRE", + "problemtype": { + "problemtype_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - }, - "product_name" : "Security Verify Access Docker" - } - ] - } + "description": [ + { + "lang": "eng", + "value": "Obtain Information" + } + ] } - ] - } - }, - "impact" : { - "cvssv3" : { - "BM" : { - "AC" : "L", - "AV" : "N", - "A" : "N", - "C" : "H", - "SCORE" : "6.500", - "UI" : "N", - "PR" : "L", - "I" : "N", - "S" : "U" - }, - "TM" : { - "E" : "U", - "RL" : "O", - "RC" : "C" - } - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID:198918" - } - ] - }, - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "refsource" : "CONFIRM" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/198918", - "title" : "X-Force Vulnerability Report", - "name" : "ibm-sam-cve202120537-infor-disc (198918)", - "refsource" : "XF" - } - ] - }, - "data_version" : "4.0" -} + ] + }, + "data_type": "CVE", + "CVE_data_meta": { + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC", + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ID": "CVE-2021-20537" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + }, + "product_name": "Security Verify Access Docker" + } + ] + } + } + ] + } + }, + "impact": { + "cvssv3": { + "BM": { + "AC": "L", + "AV": "N", + "A": "N", + "C": "H", + "SCORE": "6.500", + "UI": "N", + "PR": "L", + "I": "N", + "S": "U" + }, + "TM": { + "E": "U", + "RL": "O", + "RC": "C" + } + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Verify Access Docker 10.0.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID:198918" + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "name": "https://www.ibm.com/support/pages/node/6471895", + "refsource": "CONFIRM" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/198918", + "title": "X-Force Vulnerability Report", + "name": "ibm-sam-cve202120537-infor-disc (198918)", + "refsource": "XF" + } + ] + }, + "data_version": "4.0" +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29699.json b/2021/29xxx/CVE-2021-29699.json index 793b655ea67..e8f61efb27a 100644 --- a/2021/29xxx/CVE-2021-29699.json +++ b/2021/29xxx/CVE-2021-29699.json @@ -1,90 +1,90 @@ { - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } - ] - } - ] - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "DATE_PUBLIC" : "2021-07-13T00:00:00", - "ID" : "CVE-2021-29699", - "ASSIGNER" : "psirt@us.ibm.com", - "STATE" : "PUBLIC" - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ + "problemtype": { + "problemtype_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Security Verify Access Docker", - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - } - } - ] - } + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] } - ] - } - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RC" : "C", - "E" : "U", - "RL" : "O" - }, - "BM" : { - "AV" : "A", - "A" : "H", - "AC" : "L", - "S" : "U", - "I" : "H", - "C" : "H", - "SCORE" : "6.600", - "UI" : "R", - "PR" : "H" - } - } - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security Verify Access Docker 10.0.0 could allow a remote priviled user to upload arbitrary files with a dangerous file type that could be excuted by an user. IBM X-Force ID: 200600." - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "refsource" : "CONFIRM", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)" - }, - { - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/200600", - "refsource" : "XF", - "name" : "ibm-sam-cve202129699-file-upload (200600)", - "title" : "X-Force Vulnerability Report" - } - ] - } -} + ] + }, + "data_type": "CVE", + "CVE_data_meta": { + "DATE_PUBLIC": "2021-07-13T00:00:00", + "ID": "CVE-2021-29699", + "ASSIGNER": "psirt@us.ibm.com", + "STATE": "PUBLIC" + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Docker", + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "impact": { + "cvssv3": { + "TM": { + "RC": "C", + "E": "U", + "RL": "O" + }, + "BM": { + "AV": "A", + "A": "H", + "AC": "L", + "S": "U", + "I": "H", + "C": "H", + "SCORE": "6.600", + "UI": "R", + "PR": "H" + } + } + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security Verify Access Docker 10.0.0 could allow a remote priviled user to upload arbitrary files with a dangerous file type that could be excuted by an user. IBM X-Force ID: 200600." + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6471895", + "refsource": "CONFIRM", + "name": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)" + }, + { + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/200600", + "refsource": "XF", + "name": "ibm-sam-cve202129699-file-upload (200600)", + "title": "X-Force Vulnerability Report" + } + ] + } +} \ No newline at end of file diff --git a/2021/29xxx/CVE-2021-29742.json b/2021/29xxx/CVE-2021-29742.json index ea52843c277..c2001855abc 100644 --- a/2021/29xxx/CVE-2021-29742.json +++ b/2021/29xxx/CVE-2021-29742.json @@ -1,90 +1,90 @@ { - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "E" : "U", - "RC" : "C" - }, - "BM" : { - "PR" : "N", - "SCORE" : "7.900", - "UI" : "R", - "C" : "H", - "S" : "C", - "I" : "H", - "AV" : "A", - "A" : "H", - "AC" : "H" - } - } - }, - "description" : { - "description_data" : [ - { - "value" : "IBM Security Verify Access Docker 10.0.0 could allow a user to impersonate another user on the system. IBM X-Force ID: 201483.", - "lang" : "eng" - } - ] - }, - "data_version" : "4.0", - "references" : { - "reference_data" : [ - { - "url" : "https://www.ibm.com/support/pages/node/6471895", - "name" : "https://www.ibm.com/support/pages/node/6471895", - "title" : "IBM Security Bulletin 6471895 (Security Verify Access Docker)", - "refsource" : "CONFIRM" - }, - { - "refsource" : "XF", - "name" : "ibm-sam-cve202129742-session-fixation (201483)", - "title" : "X-Force Vulnerability Report", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/201483" - } - ] - }, - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "lang" : "eng", - "value" : "Gain Access" - } - ] - } - ] - }, - "data_type" : "CVE", - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ASSIGNER" : "psirt@us.ibm.com", - "ID" : "CVE-2021-29742", - "DATE_PUBLIC" : "2021-07-13T00:00:00" - }, - "data_format" : "MITRE", - "affects" : { - "vendor" : { - "vendor_data" : [ - { - "product" : { - "product_data" : [ - { - "product_name" : "Security Verify Access Docker", - "version" : { - "version_data" : [ - { - "version_value" : "10.0.0" - } - ] - } - } - ] - }, - "vendor_name" : "IBM" + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "E": "U", + "RC": "C" + }, + "BM": { + "PR": "N", + "SCORE": "7.900", + "UI": "R", + "C": "H", + "S": "C", + "I": "H", + "AV": "A", + "A": "H", + "AC": "H" } - ] - } - } -} + } + }, + "description": { + "description_data": [ + { + "value": "IBM Security Verify Access Docker 10.0.0 could allow a user to impersonate another user on the system. IBM X-Force ID: 201483.", + "lang": "eng" + } + ] + }, + "data_version": "4.0", + "references": { + "reference_data": [ + { + "url": "https://www.ibm.com/support/pages/node/6471895", + "name": "https://www.ibm.com/support/pages/node/6471895", + "title": "IBM Security Bulletin 6471895 (Security Verify Access Docker)", + "refsource": "CONFIRM" + }, + { + "refsource": "XF", + "name": "ibm-sam-cve202129742-session-fixation (201483)", + "title": "X-Force Vulnerability Report", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/201483" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Gain Access" + } + ] + } + ] + }, + "data_type": "CVE", + "CVE_data_meta": { + "STATE": "PUBLIC", + "ASSIGNER": "psirt@us.ibm.com", + "ID": "CVE-2021-29742", + "DATE_PUBLIC": "2021-07-13T00:00:00" + }, + "data_format": "MITRE", + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Security Verify Access Docker", + "version": { + "version_data": [ + { + "version_value": "10.0.0" + } + ] + } + } + ] + }, + "vendor_name": "IBM" + } + ] + } + } +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34827.json b/2021/34xxx/CVE-2021-34827.json index 4c9293c0346..6439db44523 100644 --- a/2021/34xxx/CVE-2021-34827.json +++ b/2021/34xxx/CVE-2021-34827.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-34827", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DAP-1330", - "version": { - "version_data": [ - { - "version_value": "1.13B01 BETA" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-34827", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DAP-1330", + "version": { + "version_data": [ + { + "version_value": "1.13B01 BETA" + } + ] + } + } + ] + }, + "vendor_name": "D-Link" } - } ] - }, - "vendor_name": "D-Link" } - ] - } - }, - "credit": "phieulang", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device.\n Was ZDI-CAN-12029." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-121: Stack-based Buffer Overflow" - } + }, + "credit": "phieulang", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12029." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-679/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121: Stack-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-679/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-679/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34828.json b/2021/34xxx/CVE-2021-34828.json index d91744c4a98..313ca38dc1c 100644 --- a/2021/34xxx/CVE-2021-34828.json +++ b/2021/34xxx/CVE-2021-34828.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-34828", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DAP-1330", - "version": { - "version_data": [ - { - "version_value": "1.13B01 BETA" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-34828", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DAP-1330", + "version": { + "version_data": [ + { + "version_value": "1.13B01 BETA" + } + ] + } + } + ] + }, + "vendor_name": "D-Link" } - } ] - }, - "vendor_name": "D-Link" } - ] - } - }, - "credit": "chung96vn of Vietnam National Cyber Security Center (NCSC Vietnam)", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12066." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" - } + }, + "credit": "chung96vn of Vietnam National Cyber Security Center (NCSC Vietnam)", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the SOAPAction HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12066." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-680/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-680/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-680/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34829.json b/2021/34xxx/CVE-2021-34829.json index 72777bb4972..a881c755c33 100644 --- a/2021/34xxx/CVE-2021-34829.json +++ b/2021/34xxx/CVE-2021-34829.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-34829", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DAP-1330", - "version": { - "version_data": [ - { - "version_value": "1.13B01 BETA" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-34829", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DAP-1330", + "version": { + "version_data": [ + { + "version_value": "1.13B01 BETA" + } + ] + } + } + ] + }, + "vendor_name": "D-Link" } - } ] - }, - "vendor_name": "D-Link" } - ] - } - }, - "credit": "phieulang", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the HNAP_AUTH HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12065." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" - } + }, + "credit": "phieulang", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the HNAP_AUTH HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12065." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-681/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-681/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-681/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file diff --git a/2021/34xxx/CVE-2021-34830.json b/2021/34xxx/CVE-2021-34830.json index b4dfdd5837a..c133413399a 100644 --- a/2021/34xxx/CVE-2021-34830.json +++ b/2021/34xxx/CVE-2021-34830.json @@ -1,67 +1,69 @@ { - "CVE_data_meta": { - "ASSIGNER": "zdi-disclosures@trendmicro.com", - "ID": "CVE-2021-34830", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "DAP-1330", - "version": { - "version_data": [ - { - "version_value": "1.13B01 BETA" - } - ] + "CVE_data_meta": { + "ASSIGNER": "zdi-disclosures@trendmicro.com", + "ID": "CVE-2021-34830", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "DAP-1330", + "version": { + "version_data": [ + { + "version_value": "1.13B01 BETA" + } + ] + } + } + ] + }, + "vendor_name": "D-Link" } - } ] - }, - "vendor_name": "D-Link" } - ] - } - }, - "credit": "chung96vn of Vietnam National Cyber Security Center (NCSC Vietnam)", - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the Cookie HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. \n Was ZDI-CAN-12028." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-121: Stack-based Buffer Overflow" - } + }, + "credit": "chung96vn of Vietnam National Cyber Security Center (NCSC Vietnam)", + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Cookie HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12028." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-682/" - } - ] - }, - "impact": { - "cvss": { - "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.0" + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121: Stack-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-682/", + "refsource": "MISC", + "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-682/" + } + ] + }, + "impact": { + "cvss": { + "vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.0" + } } - } -} +} \ No newline at end of file From 6aba8c9b206c21b2bdb8e4a8b951708d26805d91 Mon Sep 17 00:00:00 2001 From: "Shelby J. Cunningham" Date: Thu, 15 Jul 2021 14:25:35 -0400 Subject: [PATCH 05/26] Add CVE-2021-32770 for GHSA-rqjw-p5vr-c695 --- 2021/32xxx/CVE-2021-32770.json | 80 +++++++++++++++++++++++++++++++--- 1 file changed, 74 insertions(+), 6 deletions(-) diff --git a/2021/32xxx/CVE-2021-32770.json b/2021/32xxx/CVE-2021-32770.json index 6b4635f2b0e..d68193a938e 100644 --- a/2021/32xxx/CVE-2021-32770.json +++ b/2021/32xxx/CVE-2021-32770.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32770", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Basic-auth app bundle credential exposure in gatsby-source-wordpress" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "gatsby", + "version": { + "version_data": [ + { + "version_value": "< 4.0.8" + }, + { + "version_value": ">= 5.0.0, < 5.9.2" + } + ] + } + } + ] + }, + "vendor_name": "gatsbyjs" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Gatsby is a framework for building websites. The gatsby-source-wordpress plugin prior to versions 4.0.8 and 5.9.2 leaks .htaccess HTTP Basic Authentication variables into the app.js bundle during build-time. Users who are not initializing basic authentication credentials in the gatsby-config.js are not affected. A patch has been introduced in gatsby-source-wordpress@4.0.8 and gatsby-source-wordpress@5.9.2 which mitigates the issue by filtering all variables specified in the `auth: { }` section. Users that depend on this functionality are advised to upgrade to the latest release of gatsby-source-wordpress, run `gatsby clean` followed by a `gatsby build`. One may manually edit the app.js file post-build as a workaround." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/gatsbyjs/gatsby/security/advisories/GHSA-rqjw-p5vr-c695", + "refsource": "CONFIRM", + "url": "https://github.com/gatsbyjs/gatsby/security/advisories/GHSA-rqjw-p5vr-c695" + } + ] + }, + "source": { + "advisory": "GHSA-rqjw-p5vr-c695", + "discovery": "UNKNOWN" } } \ No newline at end of file From 5e1a3ced5648064494e6dd148819c0836da117ae Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 15 Jul 2021 19:00:59 +0000 Subject: [PATCH 06/26] "-Synchronized-Data." --- 2021/32xxx/CVE-2021-32770.json | 2 +- 2021/35xxx/CVE-2021-35056.json | 61 ++++++++++++++++++++++++++++++---- 2 files changed, 56 insertions(+), 7 deletions(-) diff --git a/2021/32xxx/CVE-2021-32770.json b/2021/32xxx/CVE-2021-32770.json index d68193a938e..3f819c58f1a 100644 --- a/2021/32xxx/CVE-2021-32770.json +++ b/2021/32xxx/CVE-2021-32770.json @@ -38,7 +38,7 @@ "description_data": [ { "lang": "eng", - "value": "Gatsby is a framework for building websites. The gatsby-source-wordpress plugin prior to versions 4.0.8 and 5.9.2 leaks .htaccess HTTP Basic Authentication variables into the app.js bundle during build-time. Users who are not initializing basic authentication credentials in the gatsby-config.js are not affected. A patch has been introduced in gatsby-source-wordpress@4.0.8 and gatsby-source-wordpress@5.9.2 which mitigates the issue by filtering all variables specified in the `auth: { }` section. Users that depend on this functionality are advised to upgrade to the latest release of gatsby-source-wordpress, run `gatsby clean` followed by a `gatsby build`. One may manually edit the app.js file post-build as a workaround." + "value": "Gatsby is a framework for building websites. The gatsby-source-wordpress plugin prior to versions 4.0.8 and 5.9.2 leaks .htaccess HTTP Basic Authentication variables into the app.js bundle during build-time. Users who are not initializing basic authentication credentials in the gatsby-config.js are not affected. A patch has been introduced in gatsby-source-wordpress@4.0.8 and gatsby-source-wordpress@5.9.2 which mitigates the issue by filtering all variables specified in the `auth: { }` section. Users that depend on this functionality are advised to upgrade to the latest release of gatsby-source-wordpress, run `gatsby clean` followed by a `gatsby build`. One may manually edit the app.js file post-build as a workaround." } ] }, diff --git a/2021/35xxx/CVE-2021-35056.json b/2021/35xxx/CVE-2021-35056.json index c04d9296756..32d67e75b54 100644 --- a/2021/35xxx/CVE-2021-35056.json +++ b/2021/35xxx/CVE-2021-35056.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-35056", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-35056", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Unisys Stealth 5.1 before 5.1.025.0 and 6.0 before 6.0.055.0 has an unquoted Windows search path for a scheduled task. An unintended executable might run." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://public.support.unisys.com/common/public/vulnerability/NVD_Home.aspx", + "refsource": "MISC", + "name": "https://public.support.unisys.com/common/public/vulnerability/NVD_Home.aspx" + }, + { + "refsource": "CONFIRM", + "name": "https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=64", + "url": "https://public.support.unisys.com/common/public/vulnerability/NVD_Detail_Rpt.aspx?ID=64" } ] } From fa26d900650d4050aeb01c380a41a7f2697000bb Mon Sep 17 00:00:00 2001 From: Dave Dugal Date: Thu, 15 Jul 2021 15:53:11 -0400 Subject: [PATCH 07/26] juniper-2021-07-14 CVE publications. For more information see https://advisory.juniper.net --- 2021/0xxx/CVE-2021-0276.json | 122 +++++++++++++++- 2021/0xxx/CVE-2021-0277.json | 204 +++++++++++++++++++++++++- 2021/0xxx/CVE-2021-0278.json | 166 ++++++++++++++++++++- 2021/0xxx/CVE-2021-0279.json | 99 ++++++++++++- 2021/0xxx/CVE-2021-0280.json | 179 ++++++++++++++++++++++- 2021/0xxx/CVE-2021-0281.json | 189 +++++++++++++++++++++++- 2021/0xxx/CVE-2021-0282.json | 152 ++++++++++++++++++- 2021/0xxx/CVE-2021-0283.json | 206 +++++++++++++++++++++++++- 2021/0xxx/CVE-2021-0285.json | 185 +++++++++++++++++++++++- 2021/0xxx/CVE-2021-0286.json | 110 +++++++++++++- 2021/0xxx/CVE-2021-0287.json | 172 +++++++++++++++++++++- 2021/0xxx/CVE-2021-0288.json | 185 +++++++++++++++++++++++- 2021/0xxx/CVE-2021-0289.json | 273 ++++++++++++++++++++++++++++++++++- 2021/0xxx/CVE-2021-0290.json | 177 ++++++++++++++++++++++- 2021/0xxx/CVE-2021-0291.json | 182 ++++++++++++++++++++++- 2021/0xxx/CVE-2021-0292.json | 120 ++++++++++++++- 2021/0xxx/CVE-2021-0293.json | 155 +++++++++++++++++++- 2021/0xxx/CVE-2021-0294.json | 112 +++++++++++++- 2021/0xxx/CVE-2021-0295.json | 185 +++++++++++++++++++++++- 19 files changed, 3040 insertions(+), 133 deletions(-) diff --git a/2021/0xxx/CVE-2021-0276.json b/2021/0xxx/CVE-2021-0276.json index dd2a28a51e7..799d4254687 100644 --- a/2021/0xxx/CVE-2021-0276.json +++ b/2021/0xxx/CVE-2021-0276.json @@ -1,18 +1,126 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0276", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Steel-Belted Radius Carrier Edition: Remote code execution vulnerability when EAP Authentication is configured." }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "SBR Carrier", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "8.4.1", + "version_value": "8.4.1R19" + }, + { + "version_affected": "<", + "version_name": "8.5.0", + "version_value": "8.5.0R10" + }, + { + "version_affected": "<", + "version_name": "8.6.0", + "version_value": "8.6.0R4" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "This issue affects SBR Carrier with EAP authentication configured only when using Enhanced EAP Logging and TraceLevel setting of 2.\n\n /JNPRsbr/radius/radius.ini\n [Logging]\n LogLevel=2\n TraceLevel=2\n EnhancedEAPLogging = yes" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). \n\n\n \nThis issue affects Juniper Networks SBR Carrier:\n8.4.1 versions prior to 8.4.1R19;\n8.5.0 versions prior to 8.5.0R10;\n8.6.0 versions prior to 8.6.0R4.\n" } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-121 Stack-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11180", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11180" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: 8.4.1R19, 8.5.0R10, 8.6.0R4 and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11180", + "defect": [ + "1465201" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no viable workarounds for this issue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0277.json b/2021/0xxx/CVE-2021-0277.json index 543bc1165ca..e8d0ed8abd4 100644 --- a/2021/0xxx/CVE-2021-0277.json +++ b/2021/0xxx/CVE-2021-0277.json @@ -1,18 +1,208 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0277", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS and Junos OS Evolved: LLDP Out-of-Bounds Read vulnerability in l2cpd" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.3", + "version_value": "12.3R12-S18" + }, + { + "version_affected": "<", + "version_name": "15.1", + "version_value": "15.1R7-S9" + }, + { + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3R3-S12" + }, + { + "version_affected": "<", + "version_name": "17.4", + "version_value": "17.4R2-S13, 17.4R3-S5" + }, + { + "version_affected": "<", + "version_name": "18.1", + "version_value": "18.1R3-S13" + }, + { + "version_affected": "<", + "version_name": "18.2", + "version_value": "18.2R3-S8" + }, + { + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S5" + }, + { + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S8, 18.4R3-S8" + }, + { + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R3-S5" + }, + { + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R3-S3" + }, + { + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R2-S6, 19.3R3-S2" + }, + { + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S3" + }, + { + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R2-S2, 20.1R3" + }, + { + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R3-S1" + }, + { + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R2-S1, 20.3R3" + }, + { + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R2" + } + ] + } + }, + { + "product_name": "Junos OS Evolved", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20.4R2-EVO" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "This vulnerability is only exploitable on interfaces with LLDP enabled. For example:\n\n [protocols lldp]\n" + } + ], + "credit": [ + { + "lang": "eng", + "value": "The Juniper SIRT would like to acknowledge and thank Qian Chen from the Codesafe Team of Legendsec at the Qi'anxin Group." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition.\n\nThis issue affects:\nJuniper Networks Junos OS:\n12.3 versions prior to 12.3R12-S18;\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R3-S1;\n20.3 versions prior to 20.3R2-S1, 20.3R3;\n20.4 versions prior to 20.4R2.\n\nJuniper Networks Junos OS Evolved versions prior to 20.4R2-EVO." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-125 Out-of-bounds Read" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11181", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11181" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue:\n\nJunos OS 12.3R12-S18, 15.1R7-S9, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3-S1, 20.3R2-S1, 20.3R3, 20.4R2, 20.4R3, 21.1R1, 21.1R2, 21.2R1, and all subsequent releases.\n\nJunos OS Evolved 20.4R2-EVO, 21.1R1-EVO, and all subsequent releases." + } + ], + "source": { + "advisory": "JSA11181", + "defect": [ + "1569312" + ], + "discovery": "EXTERNAL" + }, + "work_around": [ + { + "lang": "eng", + "value": "1. Configure the device to not load the L2CPD daemon using the following CLI config stanza.\n\n set system processes l2cpd-service disable\n\nAdditional protocols L2CPD daemon supports include RSTP, MSTP, VSTP, ERP, xSTP and ERP protocols. After issuing set system processes l2cpd-service disable, RSTP, MSTP, VSTP, ERP, xSTP and ERP protocols will cease to operate. Please note, this is not an exhaustive list, disabling L2CPD may affect other protocols and services that rely upon L2CPD daemon to be present. For example, L2ALD, MRVP, EVPN traffic, etc. may also cease to operate. To avoid downtime, customers considering applying this workaround should carefully test all workaround changes to their environment in a non-production environment first that mirrors or as closely as possible matches the production environment before applying to the production environment.\n\n2. Configure target interfaces on the device to disable LLDP packet processing:\n \n set protocols lldp interface disable\n\n3. On Switching platforms such as EX/QFX Series devices implement packet filters to discard LLDP packets with an EtherType of 0x88cc.\n\nFor example:\n\n set firewall family ethernet-switching filter LLDP_EXAMPLE term 1 from ether-type 0x88cc\n set firewall family ethernet-switching filter LLDP_EXAMPLE term 1 then discard\n \nWorkaround #3 does not work on MX Series devices. MX Series devices should disable LLDP processing, filter off-system, or upgrade to a fixed release.\n \n4. Lastly, as a method to reduce the risk of exploitation for this vulnerability, customers may implement off-system IDP and/or Firewall filtering methods such as disallowing LLDP EtherType to propagate completely on local segments, or by filtering broadcast addressed LLDP packets or unicast addressed LLDP packets not originated from trusted sources targeted to trusted destinations.\n\nAdditionally, it is good security practice to limit the exploitable attack surface of critical infrastructure networking equipment. Use access lists or firewall filters to limit access to the device via all means to only trusted, administrative networks, hosts and users. \n" + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0278.json b/2021/0xxx/CVE-2021-0278.json index 9ca216339ec..e2cf42d43d6 100644 --- a/2021/0xxx/CVE-2021-0278.json +++ b/2021/0xxx/CVE-2021-0278.json @@ -1,18 +1,170 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0278", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to root." }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": ">=", + "version_name": "19.3", + "version_value": "19.3R1" + }, + { + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R2-S6, 19.3R3-S3" + }, + { + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R3-S5" + }, + { + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R2-S2, 20.1R3-S1" + }, + { + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R3-S2" + }, + { + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R3" + }, + { + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R2-S1, 20.4R3" + }, + { + "version_affected": "<", + "version_name": "21.1", + "version_value": "21.1R1-S1, 21.1R2" + }, + { + "version_affected": "!<", + "version_value": "19.3R1" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "The following minimal configuration is necessary: \n\n [system services web-management http]\nor\n [system services web-management https]" + } + ], + "credit": [ + { + "lang": "eng", + "value": " The Juniper SIRT wishes to thank Luca Ercoli regarding PR 1511853" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device.\n\njunos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1\nThis issue affects:\nJuniper Networks Junos OS\n19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 19.3R1." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability. However, a proof-of-concept exploit does exist in the wild." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-20 Improper Input Validation" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Privilege Escalation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11182", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11182" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: 19.3R2-S6, 19.3R3-S3, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R1, and all subsequent releases.\n\nIn addition to the above fixed releases, for the following not-affected releases additional security enhancements were included in Junos OS 18.3R3-S5, 18.4R3-S9, 19.1R3-S6 as a result of resolving this issue.\n\n" + } + ], + "source": { + "advisory": "JSA11182", + "defect": [ + "1592021", + "1511853" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no viable workarounds for this issue other than disabling J-Web. \n\nTo reduce the risk of exploitation of these issues, use access lists or firewall filters to limit access to only trusted administrative networks, hosts and users." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0279.json b/2021/0xxx/CVE-2021-0279.json index 6ec00472413..3ea35411710 100644 --- a/2021/0xxx/CVE-2021-0279.json +++ b/2021/0xxx/CVE-2021-0279.json @@ -1,18 +1,103 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0279", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Contrail Cloud: Hardcoded credentials for RabbitMQ service" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Contrail Cloud", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "13.6.0" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative service for RabbitMQ (e.g. GUI), can use these hardcoded credentials to cause a Denial of Service (DoS) or have access to unspecified sensitive system information.\n\nThis issue affects the Juniper Networks Contrail Cloud releases on versions prior to 13.6.0.\n\n" } ] - } + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-798 Use of Hard-coded Credentials" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11183", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11183" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: Juniper Networks Contrail Cloud version 13.6.0, and all subsequent releases.\n\nWhen installing Contrail Cloud version 13.6.0, to set a non-default password for RabbitMQ, one of these options are possible:\na) You may set a non-default password using the config/vault-data.yml file.\nb) Or following configuration should be added to the CC site.yml file:\n\n extra_config:\n ContrailAnalyticsParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault['other']['credentials']['contrail_rabbit']['password'] }}\"\n RABBITMQ_USER: \"{{ vault['other']['credentials']['contrail_rabbit']['user'] }}\"\n ContrailControllerParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault['other']['credentials']['contrail_rabbit']['password'] }}\"\n RABBITMQ_USER: \"{{ vault['other']['credentials']['contrail_rabbit']['user'] }}\"\n\nContact Juniper Networks Technical Assistance Center (JTAC) for guided assistance if necessary." + } + ], + "source": { + "advisory": "JSA11183", + "defect": [ + "CC-773" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "To mitigate this issue with a fresh installation of Contrail Cloud version prior to 13.6.0, the following configuration options should be added to the CC site.yml file.\n\n extra_config:\n ContrailAnalyticsParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault['other']['credentials']['contrail_rabbit']['password'] }}\"\n RABBITMQ_USER: \"{{ vault['other']['credentials']['contrail_rabbit']['user'] }}\"\n ContrailControllerParameters:\n ContrailSettings:\n RABBITMQ_PASSWORD: \"{{ vault['other']['credentials']['contrail_rabbit']['password'] }}\"\n RABBITMQ_USER: \"{{ vault['other']['credentials']['contrail_rabbit']['user'] }}\"\n\nPlease contact Juniper Networks Technical Assistance Center (JTAC) for guided assistance if necessary.\n\nUntil a fresh installation or upgrade is possible, to reduce the risk of exploitation utilize common security BCPs to limit the exploitable surface by limiting access to network and device to trusted systems, administrators, networks and hosts. " + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0280.json b/2021/0xxx/CVE-2021-0280.json index 350333a7b15..b322f8b473f 100644 --- a/2021/0xxx/CVE-2021-0280.json +++ b/2021/0xxx/CVE-2021-0280.json @@ -1,18 +1,183 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0280", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: PTX Series, QFX10K Series: Upon receipt of specific packets BFD sessions might flap due to DDoS policer implementation in Packet Forwarding Engine" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "17.4", + "version_value": "17.4R3-S5" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "18.2", + "version_value": "18.2R3-S8" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S5" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S8" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R3-S5" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R3-S2" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R3-S2" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R3-S2" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R3" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R2-S3, 20.2R3" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R2, 20.3R3" + }, + { + "platform": "PTX Series, QFX10K Series", + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R2" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "The examples of the config stanza affected by this issue:\n\n [system ddos-protection global]\n [system ddos-protection protocols]" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Flapping of BFD sessions in turn may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects only the following platforms with Paradise (PE) chipset-based line cards:\nPTX1000, PTX3000 (NextGen), PTX5000, PTX10008, PTX10016 Series and QFX10002 Series.\nThis issue affects:\nJuniper Networks Junos OS\n17.4 versions prior to 17.4R3-S5 on PTX Series, QFX10K Series;\n18.2 versions prior to 18.2R3-S8 on PTX Series, QFX10K Series;\n18.3 versions prior to 18.3R3-S5 on PTX Series, QFX10K Series;\n18.4 versions prior to 18.4R2-S8 on PTX Series, QFX10K Series;\n19.1 versions prior to 19.1R3-S5 on PTX Series, QFX10K Series;\n19.2 versions prior to 19.2R3-S2 on PTX Series, QFX10K Series;\n19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K Series;\n19.4 versions prior to 19.4R3-S2 on PTX Series, QFX10K Series;\n20.1 versions prior to 20.1R3 on PTX Series, QFX10K Series;\n20.2 versions prior to 20.2R2-S3, 20.2R3 on PTX Series, QFX10K Series;\n20.3 versions prior to 20.3R2 on PTX Series, QFX10K Series;\n20.4 versions prior to 20.4R2 on PTX Series, QFX10K Series." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-665 Improper Initialization" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11184", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11184" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.4R3-S5, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 19.1R3-S5, 19.2R3-S2, 19.3R3-S2, 19.4R3-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R2, 21.1R1, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11184", + "defect": [ + "1564807" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "The default ukern policer rate can be reduced by the CLI command:\n set system ddos-protection protocols bandwidth burst \n\n\n \n" + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0281.json b/2021/0xxx/CVE-2021-0281.json index f47095fe2c7..0d7f0e7ce16 100644 --- a/2021/0xxx/CVE-2021-0281.json +++ b/2021/0xxx/CVE-2021-0281.json @@ -1,18 +1,193 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0281", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS and Junos OS Evolved: Specific packets can trigger rpd crash when BGP Origin Validation is configured with RPKI" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3R3-S12" + }, + { + "version_affected": "<", + "version_name": "17.4", + "version_value": "17.4R3-S5" + }, + { + "version_affected": "<", + "version_name": "18.1", + "version_value": "18.1R3-S13" + }, + { + "version_affected": "<", + "version_name": "18.2", + "version_value": "18.2R3-S8" + }, + { + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S5" + }, + { + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S8, 18.4R3-S8" + }, + { + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R3-S5" + }, + { + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R3-S2" + }, + { + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R2-S6, 19.3R3-S2" + }, + { + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R2-S4, 19.4R3-S3" + }, + { + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R3" + }, + { + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R3" + }, + { + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R2" + }, + { + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R2" + } + ] + } + }, + { + "product_name": "Junos OS Evolved", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "All", + "version_value": "20.4R2-S2-EVO" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "The config stanza affected by this issue:\n [ routing-options validation group session ]\n" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition.\nContinued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\nJuniper Networks Junos OS\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R2-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3;\n20.3 versions prior to 20.3R2;\n20.4 versions prior to 20.4R2.\n\nJuniper Networks Junos OS Evolved\nAll versions prior to 20.4R2-S2-EVO." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 5.9, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11185", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11185" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R2-S4, 19.4R3-S3, 20.1R3, 20.2R3, 20.3R2, 20.4R2, 21.1R1 and all subsequent releases.\n\nJunos OS Evolved: 20.4R2-S2-EVO, 21.1R1-EVO, and all subsequent releases." + } + ], + "source": { + "advisory": "JSA11185", + "defect": [ + "1556207" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no viable workarounds for this issue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0282.json b/2021/0xxx/CVE-2021-0282.json index 5d50ba47e34..b37ef4a7162 100644 --- a/2021/0xxx/CVE-2021-0282.json +++ b/2021/0xxx/CVE-2021-0282.json @@ -1,18 +1,156 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0282", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: RPD crash while processing a specific BGP UPDATE when Multipath or add-path features are enabled" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.3", + "version_value": "12.3R12-S18" + }, + { + "version_affected": "<", + "version_name": "15.1", + "version_value": "15.1R7-S9" + }, + { + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3R3-S11" + }, + { + "version_affected": "<", + "version_name": "17.4", + "version_value": "17.4R2-S13, 17.4R3-S4" + }, + { + "version_affected": "<", + "version_name": "18.1", + "version_value": "18.1R3-S12" + }, + { + "version_affected": "<", + "version_name": "18.2", + "version_value": "18.2R3-S7" + }, + { + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S4" + }, + { + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S6, 18.4R3-S6" + }, + { + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R3-S3" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "The examples of the config stanza affected by this issue:\n [ protocols bgp multipath ]\n [ protocols bgp group multipath ] \nor\n [ protocols bgp group family add-path ]" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition.\n\nThis BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart.\n\nThis issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network.\n\nJunos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue.\n\n\nThis issue affects:\nJuniper Networks Junos OS\n12.3 versions prior to 12.3R12-S18;\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S11;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S4;\n18.1 versions prior to 18.1R3-S12;\n18.2 versions prior to 18.2R3-S7;\n18.3 versions prior to 18.3R3-S4;\n18.4 versions prior to 18.4R2-S6, 18.4R3-S6;\n19.1 versions prior to 19.1R3-S3;\n" } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11186", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11186" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S18, 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S4, 18.1R3-S12, 18.2R3-S7, 18.3R3-S4, 18.4R2-S6, 18.4R3-S6, 19.1R3-S3, 19.2R1, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11186", + "defect": [ + "1412977" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "BGP Multipath or add-path features can be disabled to mitigate this issue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0283.json b/2021/0xxx/CVE-2021-0283.json index d783131b5dc..1c91a02aafc 100644 --- a/2021/0xxx/CVE-2021-0283.json +++ b/2021/0xxx/CVE-2021-0283.json @@ -1,18 +1,210 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0283", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: Upon receipt of specific sequences of genuine packets destined to the device the kernel will crash and restart (vmcore)" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "12.3", + "version_value": "12.3R12-S19" + }, + { + "version_affected": "<", + "version_name": "15.1", + "version_value": "15.1R7-S10" + }, + { + "version_affected": ">=", + "version_name": "16.1", + "version_value": "16.1R1" + }, + { + "version_affected": ">=", + "version_name": "16.2", + "version_value": "16.2R1" + }, + { + "version_affected": ">=", + "version_name": "17.1", + "version_value": "17.1R1" + }, + { + "version_affected": ">=", + "version_name": "17.2", + "version_value": "17.2R1" + }, + { + "version_affected": ">=", + "version_name": "17.3", + "version_value": "17.3R1" + }, + { + "version_affected": "<", + "version_name": "18.1", + "version_value": "18.1R3-S13" + }, + { + "version_affected": ">=", + "version_name": "18.2", + "version_value": "18.2R1" + }, + { + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S5" + }, + { + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R3-S9" + }, + { + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R3-S6" + }, + { + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R3-S3" + }, + { + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R3-S3" + }, + { + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R1-S4, 19.4R3-S5" + }, + { + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R2-S2, 20.1R3-S1" + }, + { + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R3-S2" + }, + { + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R3" + }, + { + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R2-S1, 20.4R3" + }, + { + "version_affected": "<", + "version_name": "21.1", + "version_value": "21.1R1-S1, 21.1R2" + }, + { + "version_affected": "<", + "version_name": "21.2", + "version_value": "21.2R2" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS).\n\nBy repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition.\n\nThe device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files:\n \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\"\n\nThese issue are only triggered by traffic destined to the device. Transit traffic will not trigger these issues.\nThis issue affects:\nJuniper Networks Junos OS\n12.3 versions prior to 12.3R12-S19;\n15.1 versions prior to 15.1R7-S10;\n16.1 version 16.1R1 and later versions;\n16.2 version 16.2R1 and later versions;\n17.1 version 17.1R1 and later versions;\n17.2 version 17.2R1 and later versions;\n17.3 version 17.3R1 and later versions;\n18.1 versions prior to 18.1R3-S13;\n18.2 version 18.2R1 and later versions;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior ot 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R3-S3;\n19.3 versions prior to 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2;\n21.2 versions prior to 21.2R2." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability.\n\nJuniper SIRT is aware of this occurring in production. In all reported cases the Junos device was not the intended target of the attack, but this vulnerability was still triggered.\n\n" + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-120 Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11200", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11200" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: 12.3R12-S19, 15.1R7-S10, 18.1R3-S13, 18.3R3-S5, 18.4R3-S9, 19.1R3-S6, 19.2R3-S3, 19.3R3-S3, 19.4R1-S4, 19.4R3-S5, 20.1R2-S2, 20.1R3-S1, 20.2R3-S2, 20.3R3, 20.4R2-S1, 20.4R3, 21.1R1-S1, 21.1R2, 21.2R2, 21.3R1, and all subsequent releases." + } + ], + "source": { + "advisory": "JSA11200", + "defect": [ + "1557881" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no available workarounds for this issue.\n\nTo reduce the risk of exploitation of this issue, use access lists or firewall filters to limit access to the device to only trusted administrative networks, hosts and users." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0285.json b/2021/0xxx/CVE-2021-0285.json index 41e3b424178..e089cd00293 100644 --- a/2021/0xxx/CVE-2021-0285.json +++ b/2021/0xxx/CVE-2021-0285.json @@ -1,18 +1,189 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0285", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: QFX5000 Series and EX4600 Series: Continuous traffic destined to a device configured with MC-LAG leading to nodes losing their control connection which can impact traffic" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "15.1", + "version_value": "15.1R7-S9" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3R3-S11" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "17.4", + "version_value": "17.4R2-S13, 17.4R3-S5" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S5" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S8, 18.4R3-S7" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R3-S5" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R1-S6, 19.2R3-S2" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R2-S6, 19.3R3-S2" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3-S2" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R2-S2, 20.1R3" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R2-S3, 20.2R3" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R2" + }, + { + "platform": "QFX5000 Series and EX4600 Series", + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R1-S1, 20.4R2" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "This issue only affects devices with ICCP configured:\n\n[ protocols iccp peer ]" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable control connection between the Multi-Chassis Link Aggregation Group (MC-LAG) nodes which can in turn lead to traffic loss.\nContinued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition.\n\nAn indication that the system could be impacted by this issue is the following log message:\n \"DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception LOCALNH:aggregate exceeded its allowed bandwidth at fpc for times, started at \"\nThis issue affects Juniper Networks Junos OS on QFX5000 Series and EX4600 Series:\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S11;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S5;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S7;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R1-S6, 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R2-S3, 20.2R3;\n20.3 versions prior to 20.3R2;\n20.4 versions prior to 20.4R1-S1, 20.4R2." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-770 Allocation of Resources Without Limits or Throttling" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11187", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11187" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: 15.1R7-S9, 17.3R3-S11, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S7, 19.1R3-S5, 19.2R1-S6, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2, 20.1R2-S2, 20.1R3, 20.2R2-S3, 20.2R3, 20.3R2, 20.4R1-S1, 20.4R2, 21.1R1, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11187", + "defect": [ + "1552877" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "While no complete workaround exists, the risk of malicious exploitation can be reduced by filtering undesirable traffic using firewall filters and policers, or increase the bandwidth for the localnh DDOS queue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0286.json b/2021/0xxx/CVE-2021-0286.json index 4c005aa84ef..96853f63fd7 100644 --- a/2021/0xxx/CVE-2021-0286.json +++ b/2021/0xxx/CVE-2021-0286.json @@ -1,18 +1,114 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0286", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS Evolved: Specially crafted packets may cause the AFT manager process to crash and restart" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS Evolved", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20.4R2-EVO" + }, + { + "version_affected": "<", + "version_name": "21.1", + "version_value": "21.1R2-EVO" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all traffic going through the FPC, resulting in a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition.\n\nFollowing messages will be logged prior to the crash:\n Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:35\n Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:37\n Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:44\n Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:47\n Feb 2 10:14:39 fpc0 audit[16263]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=11\n Feb 2 10:14:39 fpc0 kernel: audit: type=1701 audit(1612260879.272:17): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=1\n\nThis issue affects Juniper Networks Junos OS Evolved: \nAll versions prior to 20.4R2-EVO;\n21.1 versions prior to 21.1R2-EVO.\n" } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-703 Improper Check or Handling of Exceptional Conditions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11188", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11188" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 20.4R2-EVO, 21.1R2-EVO, 21.2R1-EVO, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11188", + "defect": [ + "1572969" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no viable workarounds for this issue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0287.json b/2021/0xxx/CVE-2021-0287.json index 02814162da5..72b4d864d35 100644 --- a/2021/0xxx/CVE-2021-0287.json +++ b/2021/0xxx/CVE-2021-0287.json @@ -1,18 +1,176 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0287", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS and Junos OS Evolved: RPD could crash in SR-ISIS/MPLS environment due to a flap of an ISIS link in the network" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": ">", + "version_name": "19.4", + "version_value": "19.4R1" + }, + { + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R1-S4, 19.4R3-S2" + }, + { + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R2-S1, 20.1R3" + }, + { + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R2-S2, 20.2R3" + }, + { + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R2" + }, + { + "version_affected": "!<", + "version_value": "19.4R1" + } + ] + } + }, + { + "product_name": "Junos OS Evolved", + "version": { + "version_data": [ + { + "version_affected": ">", + "version_name": "19.4", + "version_value": "19.4R1-EVO" + }, + { + "version_affected": ">", + "version_name": "20.1", + "version_value": "20.1R1-EVO" + }, + { + "version_affected": ">", + "version_name": "20.2", + "version_value": "20.2R1-EVO" + }, + { + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R2-EVO" + }, + { + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R2-EVO" + }, + { + "version_affected": "!<", + "version_value": "19.4R1-EVO" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "The two config stanzas required to be affected by this issue are shown below:\n\n [ routing-options flex-algorithm ]\n [ protocols isis source-packet-routing sensor-based-stats per-sid egress ]" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued link flaps will create a sustained Denial of Service (DoS) condition.\n\n\n\n\n\n\n\n\n\n\n\n\n\nThis issue affects:\nJuniper Networks Junos OS:\n19.4 versions prior to 19.4R1-S4, 19.4R3-S2;\n20.1 versions prior to 20.1R2-S1, 20.1R3;\n20.2 versions prior to 20.2R2-S2, 20.2R3;\n20.3 versions prior to 20.3R2;\n\nJuniper Networks Junos OS Evolved:\n20.3-EVO versions prior to 20.3R2-EVO;\n20.4-EVO versions prior to 20.4R2-EVO.\n\nThis issue does not affect:\nJuniper Networks Junos OS releases prior to 19.4R1.\nJuniper Networks Junos OS Evolved releases prior to 19.4R1-EVO." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11189", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11189" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: \n\nJunos OS: 19.4R1-S4, 19.4R3-S2, 20.1R2-S1, 20.1R3, 20.2R2-S2, 20.2R3, 20.3R2, 20.4R1, and all subsequent releases.\n\nJunos OS Evolved: 20.3R2-EVO, 20.4R2-EVO, 21.1R1-EVO, and all subsequent releases." + } + ], + "source": { + "advisory": "JSA11189", + "defect": [ + "1555627" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "Disabling IS-IS Flexible Algorithm for Segment Routing or sensor-based statistics will mitigate this issue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0288.json b/2021/0xxx/CVE-2021-0288.json index 8f38594a46e..f598b66746a 100644 --- a/2021/0xxx/CVE-2021-0288.json +++ b/2021/0xxx/CVE-2021-0288.json @@ -1,18 +1,189 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0288", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: MX Series, EX9200 Series: FPC may crash upon receipt of specific MPLS packet affecting Trio-based MPCs" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3R3-S12" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "17.4", + "version_value": "17.4R2-S13, 17.4R3-S5" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "18.1", + "version_value": "18.1R3-S13" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "18.2", + "version_value": "18.2R3-S8" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S5" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S8, 18.4R3-S8" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R3-S5" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R3-S2" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R2-S6, 19.3R3-S3" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R1-S4, 19.4R1-S4, 19.4R2-S4, 19.4R3-S2" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R3" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R2-S2, 20.2R3" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R2" + }, + { + "platform": "MX Series, EX9200 Series", + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R2" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. Continued receipt of this packet will sustain the Denial of Service (DoS) condition.\n\nThis issue only affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines).\nThis issue affects Juniper Networks Junos OS on MX Series, EX9200 Series:\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R2-S2, 20.2R3;\n20.3 versions prior to 20.3R2;\n20.4 versions prior to 20.4R2;" } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-754 Improper Check for Unusual or Exceptional Conditions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11190", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11190" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.1R3-S13, 18.2R3-S8, 18.3R3-S5, 18.4R2-S8, 18.4R3-S8, 19.1R3-S5, 19.2R3-S2, 19.3R2-S6, 19.3R3-S3, 19.4R2-S4, 19.4R3-S2, 20.1R3, 20.2R2-S2, 20.2R3, 20.3R2, 20.4R2, 21.1R1, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11190", + "defect": [ + "1556576" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no viable workarounds for this issue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0289.json b/2021/0xxx/CVE-2021-0289.json index eeb0adb7092..db00cf96b04 100644 --- a/2021/0xxx/CVE-2021-0289.json +++ b/2021/0xxx/CVE-2021-0289.json @@ -1,18 +1,277 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0289", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: User-defined ARP Policer isn't applied on Aggregated Ethernet (AE) interface until firewall process is restarted" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": ">=", + "version_name": "5.6", + "version_value": "5.6R1" + }, + { + "version_affected": "<", + "version_name": "15.1", + "version_value": "15.1R7-S10" + }, + { + "version_affected": ">=", + "version_name": "15.1", + "version_value": "15.1F1" + }, + { + "version_affected": ">=", + "version_name": "16.1", + "version_value": "16.1R1" + }, + { + "version_affected": ">=", + "version_name": "16.2", + "version_value": "16.2R1" + }, + { + "version_affected": ">=", + "version_name": "17.1", + "version_value": "17.1R1" + }, + { + "version_affected": ">=", + "version_name": "17.2", + "version_value": "17.2R1" + }, + { + "version_affected": ">=", + "version_name": "17.3", + "version_value": "17.3R1" + }, + { + "version_affected": ">=", + "version_name": "17.4", + "version_value": "17.4R1" + }, + { + "version_affected": ">=", + "version_name": "18.1", + "version_value": "18.1R1" + }, + { + "version_affected": ">=", + "version_name": "18.2", + "version_value": "18.2R1" + }, + { + "version_affected": ">=", + "version_name": "18.3", + "version_value": "18.3R1" + }, + { + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S9, 18.4R3-S9" + }, + { + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R3-S3" + }, + { + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R3" + }, + { + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R3-S2" + }, + { + "version_affected": ">=", + "version_name": "20.3", + "version_value": "20.3R1" + }, + { + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R3" + }, + { + "version_affected": "<", + "version_name": "21.1", + "version_value": "21.1R2" + }, + { + "version_affected": "!<", + "version_value": "5.6R1" + } + ] + } + }, + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "platform": "SRX Series", + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S9, 18.4R3-S9" + }, + { + "platform": "SRX Series", + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R3-S3" + }, + { + "platform": "SRX Series", + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R3" + }, + { + "platform": "SRX Series", + "version_affected": "!<", + "version_name": "20.2", + "version_value": "20.2R3-S2" + }, + { + "platform": "SRX Series", + "version_affected": ">=", + "version_name": "20.3", + "version_value": "20.3R1" + }, + { + "platform": "SRX Series", + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R3" + }, + { + "platform": "SRX Series", + "version_affected": "<", + "version_name": "21.1", + "version_value": "21.1R2" + }, + { + "platform": "SRX Series", + "version_affected": "!<", + "version_name": "18.4", + "version_value": "18.4R1" + } + ] + } + }, + { + "product_name": "Junos OS Evolved", + "version": { + "version_data": [ + { + "version_affected": "!", + "version_name": "Any", + "version_value": "Any" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "First in config CLI mode check that is there any user ARP policers configured on an ae interface:\n\n show configuration | display set | match jtac-arp\n set groups jtac-arp-policer interfaces ae5 unit <*> family inet policer arp jtac-arp <<< this shows user arp policer configured on all ae interfaces\n\nNext validate which ARP policer is installed by using the operational cli command:\n\n“show interfaces extensive | match policer”\n show interfaces extensive | match policer\n Policer: Input: __default_arp_policer__ <<< incorrect if user arp policer was applied on ae interface and default arp policer is displayed\n Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user arp policer was applied on ae interface\n " + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer.\n\nTo review the desired ARP Policers and actual state one can run the command \"show interfaces <> extensive\" and review the output. See further details below.\n\nAn example output is:\n \n show interfaces extensive | match policer\n Policer: Input: __default_arp_policer__ <<< incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed\n Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user ARP Policer was applied on an AE interface\n\nFor all platforms, except SRX Series:\n\nThis issue affects Juniper Networks Junos OS:\nAll versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions;\n19.4 versions prior to 19.4R3-S3;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3-S2;\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R2;\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 5.6R1.\n\nOn SRX Series this issue affects Juniper Networks Junos OS: \n\n18.4 versions prior to 18.4R2-S9, 18.4R3-S9;\n19.4 versions prior to 19.4R3-S4;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3-S2;\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R2.\n\nThis issue does not affect 18.4 versions prior to 18.4R1 on SRX Series.\n\nThis issue does not affect Junos OS Evolved.\n" } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11191", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11191" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: For all platforms, except SRX Series, using Junos OS 15.1R7-S10, 18.4R2-S9, 18.4R3-S9, 19.4R3-S4, 20.1R3, 20.2R3-S2, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases. On SRX series using Junos OS 18.4R2-S9, 18.4R3-S9, 19.4R3-S4. 20.1R3, 20.4R3, 21.1R2, 21.2R1, and all subsequent releases." + } + ], + "source": { + "advisory": "JSA11191", + "defect": [ + "1528403" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There is no workaround for this issue. \n\nIf affected by this issue, to recover from its impact, restart the firewall process to update the ARP Policer on the AE interface unit(s). \nFrom the CLI issue: \n\n cli> restart firewall \n\nNote: no side effects on firewall restart shall be seen when issuing this command.\n " + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0290.json b/2021/0xxx/CVE-2021-0290.json index 3369c008d8d..2f124e441fe 100644 --- a/2021/0xxx/CVE-2021-0290.json +++ b/2021/0xxx/CVE-2021-0290.json @@ -1,18 +1,181 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0290", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: MX Series, EX9200 Series, SRX4600: Ethernet interface vulnerable to specially crafted frames" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": "!<", + "version_value": "16.1R1" + }, + { + "platform": "MX Series", + "version_affected": "<", + "version_name": "16.1", + "version_value": "16.1R7-S7" + }, + { + "platform": "MX Series", + "version_affected": ">=", + "version_name": "17.1", + "version_value": "17.1R1" + }, + { + "platform": "MX Series", + "version_affected": "<", + "version_name": "17.2", + "version_value": "17.2R3-S3" + }, + { + "platform": "MX Series", + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3R3-S8" + }, + { + "platform": "MX Series, SRX4600", + "version_affected": "<", + "version_name": "17.4", + "version_value": "17.4R2-S11, 17.4R3-S1" + }, + { + "platform": "MX Series, EX9200 Series, SRX4600", + "version_affected": "<", + "version_name": "18.1", + "version_value": "18.1R3-S10" + }, + { + "platform": "MX Series, EX9200 Series, SRX4600", + "version_affected": "<", + "version_name": "18.2", + "version_value": "18.2R3-S3" + }, + { + "platform": "MX Series, EX9200 Series, SRX4600", + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S1" + }, + { + "platform": "MX Series, EX9200 Series, SRX4600", + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S3, 18.4R3" + }, + { + "platform": "MX Series, EX9200 Series, SRX4600", + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R2-S1, 19.1R3" + }, + { + "platform": "MX Series, EX9200 Series, SRX4600", + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R1-S3, 19.2R2" + }, + { + "platform": "MX Series, EX9200 Series, SRX4600", + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R2" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service (DoS) condition. The interface does not recover on its own and the FPC must be reset manually. Continued receipt and processing of these frames will create a sustained Denial of Service (DoS) condition.\n\nThis issue is platform-specific and affects the following platforms and line cards:\n\n* MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020\n* MX204, MX10003, MX10008, MX10016\n* EX9200, EX9251\n* SRX4600\n\nNo other products or platforms are affected by this vulnerability.\n\nAn indication of this issue occurring can be seen in the system log messages, as shown below:\n\n user@host> show log messages | match \"Failed to complete DFE tuning\" \n fpc4 smic_phy_dfe_tuning_state: et-4/1/6 - Failed to complete DFE tuning (count 3)\n\nand interface will be in a permanently down state:\n\n user@host> show interfaces et-4/1/6 terse \n Interface Admin Link Proto Local Remote\n et-4/1/6 up down\n et-4/1/6.0 up down aenet --> ae101.0\n\nThis issue affects Juniper Networks Junos OS:\n16.1 versions prior to 16.1R7-S7 on MX Series;\n17.1R1 and later versions prior to 17.2R3-S3 on MX Series;\n17.3 versions prior to 17.3R3-S8 on MX Series;\n17.4 versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, SRX4600;\n18.1 versions prior to 18.1R3-S10 on MX Series, EX9200 Series, SRX4600;\n18.2 versions prior to 18.2R3-S3 on MX Series, EX9200 Series, SRX4600;\n18.3 versions prior to 18.3R3-S1 on MX Series, EX9200 Series, SRX4600;\n18.4 versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 Series, SRX4600;\n19.1 versions prior to 19.1R2-S1, 19.1R3 on MX Series, EX9200 Series, SRX4600;\n19.2 versions prior to 19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600;\n19.3 versions prior to 19.3R2 on MX Series, EX9200 Series, SRX4600.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 16.1R1." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-755 Improper Handling of Exceptional Conditions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11192", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11192" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: Junos OS 16.1R7-S7, 17.2R3-S3, 17.3R3-S8, 17.4R2-S11, 17.4R3-S1, 17.4R3-S5, 18.1R3-S10, 18.2R3-S3, 18.2R3-S8, 18.3R3-S1, 18.4R2-S3, 18.4R3, 19.1R2-S1, 19.1R3, 19.2R1-S3, 19.2R2, 19.3R2, 19.4R1, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11192", + "defect": [ + "1463015" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no viable workarounds for this issue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0291.json b/2021/0xxx/CVE-2021-0291.json index 1a7ebedd37c..225235d5133 100644 --- a/2021/0xxx/CVE-2021-0291.json +++ b/2021/0xxx/CVE-2021-0291.json @@ -1,18 +1,186 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0291", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS and Junos OS Evolved: A vulnerability allows a network based unauthenticated attacker which sends a high rate of specific traffic to cause a partial Denial of Service" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "15.1", + "version_value": "15.1R7-S9" + }, + { + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3R3-S12" + }, + { + "version_affected": "<", + "version_name": "17.4", + "version_value": "17.4R2-S13, 17.4R3-S5" + }, + { + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S5" + }, + { + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S8, 18.4R3-S9" + }, + { + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R3-S5" + }, + { + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R3-S2" + }, + { + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R2-S6, 19.3R3-S2" + }, + { + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R1-S4, 19.4R2-S4, 19.4R3" + }, + { + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R2" + }, + { + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R2" + }, + { + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R2" + }, + { + "version_affected": "!<", + "version_value": "13.2R1" + } + ] + } + }, + { + "product_name": "Junos OS Evolved", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "20.3R2-EVO" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "SRX and EX platforms are affected by default, whereas all other platforms running Junos OS and Junos OS Evolved are only affected if:\n\n [ snmp subagent tcp ]\n\nis configured." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of specific traffic may lead to a partial Denial of Service (DoS) as the CPU utilization of the RE is significantly increased.\n\nThe SNMP Agent Extensibility (agentx) process should only be listening to TCP port 705 on the internal routing instance. External connections destined to port 705 should not be allowed.\n\nThis issue affects:\nJuniper Networks Junos OS:\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S5;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3;\n20.1 versions prior to 20.1R2;\n20.2 versions prior to 20.2R2;\n20.3 versions prior to 20.3R2.\n\nJuniper Networks Junos OS Evolved versions prior to 20.3R2-EVO.\n\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 13.2R1.\n" } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-497 Exposure of System Data to an Unauthorized Control Sphere" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11193", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11193" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue:\nJunos OS: 15.1R7-S9, 17.3R3-S12, 17.4R2-S13, 17.4R3-S5, 18.3R3-S5, 18.4R2-S8, 19.1R3-S5, 19.2R3-S2, 19.3R2-S6, 19.3R3-S2, 19.4R1-S4, 19.4R2-S4, 19.4R3, 20.1R2, 20.2R2, 20.2R3, 20.3R2, 20.4R1, and all subsequent releases.\nJunos OS Evolved: 20.3R2-EVO, 20.4R1-EVO, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11193", + "defect": [ + "1536350" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "Use access lists or firewall filters to deny access to TCP port 705. " + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0292.json b/2021/0xxx/CVE-2021-0292.json index 6ecb7229ebf..a37fc2ecfb3 100644 --- a/2021/0xxx/CVE-2021-0292.json +++ b/2021/0xxx/CVE-2021-0292.json @@ -1,18 +1,124 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0292", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS Evolved: Memory leak in arpd or ndp processes can lead to Denial of Service (DoS)" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS Evolved", + "version": { + "version_data": [ + { + "version_affected": "!<", + "version_value": "19.4R2-EVO" + }, + { + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R2-S3-EVO" + }, + { + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R2-S4-EVO" + }, + { + "version_affected": ">=", + "version_name": "20.2", + "version_value": "20.2R1-EVO" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. Link-layer functions such as IPv4 and/or IPv6 address resolution may be impacted, leading to traffic loss. The processes do not recover on their own and must be manually restarted. \n\nChanges in memory usage can be monitored using the following shell commands (header shown for clarity):\n\n user@router:/var/log# ps aux | grep arpd\n USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND\n root 31418 59.0 0.7 *5702564* 247952 ? xxx /usr/sbin/arpd --app-name arpd -I object_select --shared-objects-mode 3\n\n user@router:/var/log# ps aux | grep arpd\n USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND\n root 31418 49.1 1.0 *5813156* 351184 ? xxx /usr/sbin/arpd --app-name arpd -I object_select --shared-objects-mode 3\n\nMemory usage can be monitored for the ndp process in a similar fashion:\n\n user@router:/var/log# ps aux | grep ndp\n USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND\n root 14935 0.0 0.1 *5614052* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select --app-name ndp --shared-obje\n\n user@router:/var/log# ps aux | grep ndp\n USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND\n root 14935 0.0 0.1 *5725164* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select --app-name ndp --shared-obje\n\nThis issue affects Juniper Networks Junos OS Evolved:\n19.4 versions prior to 19.4R2-S3-EVO;\n20.1 versions prior to 20.1R2-S4-EVO;\nall versions of 20.2-EVO.\n\nThis issue does not affect Juniper Networks Junos OS Evolved versions prior to 19.4R2-EVO." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400 Uncontrolled Resource Consumption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11194", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11194" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: Junos OS Evolved 19.4R2-S3-EVO, 20.1R2-S4-EVO, 20.3R1-EVO, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11194", + "defect": [ + "1531154" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no known workarounds for this issue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0293.json b/2021/0xxx/CVE-2021-0293.json index 40e0c47f333..625d997906a 100644 --- a/2021/0xxx/CVE-2021-0293.json +++ b/2021/0xxx/CVE-2021-0293.json @@ -1,18 +1,159 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0293", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: Out-of-memory condition and crashes can occur after executing a certain CLI command repeatedly" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S4" + }, + { + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R1-S8, 18.4R2-S6, 18.4R3-S7" + }, + { + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R1-S6, 19.1R2-S2, 19.1R3-S4" + }, + { + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R1-S6, 19.2R3-S2" + }, + { + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R2-S6, 19.3R3-S1" + }, + { + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R1-S4, 19.4R2-S3, 19.4R3-S1" + }, + { + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R2" + }, + { + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R2-S1, 20.2R3" + }, + { + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R1-S1, 20.3R2" + }, + { + "version_affected": "!<", + "version_value": "18.2R1" + }, + { + "version_affected": "<", + "version_name": "18.2", + "version_value": "18.2R2-S8, 18.2R3-S7" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed. The amount of memory leaked on each execution depends on the number of TCP connections from and to the system. Repeated execution will cause more memory to leak and eventually daemons that need to allocate additionally memory and ultimately the kernel to crash, which will result in traffic loss.\nContinued execution of this command will cause a sustained Denial of Service (DoS) condition.\n\nAn administrator can use the following CLI command to monitor for increase in memory consumption of the netstat process, if it exists:\n\n user@junos> show system processes extensive | match \"username|netstat\"\n \n PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND\n 21181 root 100 0 5458M 4913M CPU3 2 0:59 97.27% netstat\n\nThe following log message might be observed if this issue happens:\n\n kernel: %KERN-3: pid 21181 (netstat), uid 0, was killed: out of swap space\n\nThis issue affects Juniper Networks Junos OS\n18.2 versions prior to 18.2R2-S8, 18.2R3-S7.\n18.3 versions prior to 18.3R3-S4;\n18.4 versions prior to 18.4R1-S8, 18.4R2-S6, 18.4R3-S7;\n19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4;\n19.2 versions prior to 19.2R1-S6, 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S1;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S3, 19.4R3-S1;\n20.1 versions prior to 20.1R2;\n20.2 versions prior to 20.2R2-S1, 20.2R3;\n20.3 versions prior to 20.3R1-S1, 20.3R2;\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 18.2R1." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-401 Missing Release of Memory after Effective Lifetime" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11195", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11195" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: 18.2R2-S8, 18.2R3-S7, 18.3R3-S4, 18.4R1-S8, 18.4R2-S6, 18.4R3-S7, 19.1R1-S6, 19.1R2-S2, 19.1R3-S4, 19.2R1-S6, 19.2R3-S2, 19.3R2-S6, 19.3R3-S1, 19.3R3-S2, 19.4R1-S4, 19.4R2-S3, 19.4R3-S1, 20.1R2, 20.2R2-S1, 20.2R3, 20.3R1-S1, 20.3R2, 20.4R1, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11195", + "defect": [ + "1548355" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "Please use 'show system connections' (without extensive) and restrict access to 'show system connections extensive'.\n\nTo recover please use:\n\n request system process terminate \n\nwith the PID for the netstat process from the output of 'show system processes extensive'." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0294.json b/2021/0xxx/CVE-2021-0294.json index ff7d6d734c8..3048fea8b77 100644 --- a/2021/0xxx/CVE-2021-0294.json +++ b/2021/0xxx/CVE-2021-0294.json @@ -1,18 +1,116 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0294", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: QFX5000 Series and EX4600 Series: Enhanced storm control might not work leading to partial Denial of Service" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "platform": "QFX5000 Series, EX4600 Series", + "version_affected": "=", + "version_value": "18.4R2-S5" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "configuration": [ + { + "lang": "eng", + "value": "This issue only affects the above devices if configured with:\n\n [ forwarding-options storm-control enhanced ]" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if \"storm-control enhanced\" is configured, can lead to the enhanced storm control filter group not be installed. It will cause storm control not to work hence allowing an attacker to cause high CPU usage or packet loss issues by sending a large amount of broadcast or unknown unicast packets arriving the device.\n\nThis issue affects Juniper Networks QFX5100, QFX5110, QFX5120, QFX5200, QFX5210, EX4600, and EX4650, and QFX5100 with QFX 5e Series image installed.\n\nQFX5130 and QFX5220 are not affected from this issue.\nThis issue affects Juniper Networks Junos OS 18.4R2-S5 on QFX5000 Series and EX4600 Series.\n\nNo other product or platform is affected by this vulnerability.\n" } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-474 : Use of Function with Inconsistent Implementations" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11196", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11196" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases has been updated to resolve this specific issue: Junos OS 18.4R2-S6." + } + ], + "source": { + "advisory": "JSA11196", + "defect": [ + "1544160" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no viable workarounds for this issue." + } + ] } \ No newline at end of file diff --git a/2021/0xxx/CVE-2021-0295.json b/2021/0xxx/CVE-2021-0295.json index 33fa7978b6a..3d833adb31c 100644 --- a/2021/0xxx/CVE-2021-0295.json +++ b/2021/0xxx/CVE-2021-0295.json @@ -1,18 +1,189 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "sirt@juniper.net", + "DATE_PUBLIC": "2021-07-14T16:00:00.000Z", "ID": "CVE-2021-0295", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Junos OS: QFX10K Series: Denial of Service (DoS) upon receipt of DVMRP packets received on multi-homing ESI in VXLAN." }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Junos OS", + "version": { + "version_data": [ + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "17.3", + "version_value": "17.3R3-S12" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "17.4", + "version_value": "17.4R3-S5" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "18.1", + "version_value": "18.1R3-S13" + }, + { + "platform": "QFX10K Series", + "version_affected": ">=", + "version_name": "18.2", + "version_value": "18.2R1" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "18.3", + "version_value": "18.3R3-S5" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "18.4", + "version_value": "18.4R2-S9, 18.4R3-S8" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "19.1", + "version_value": "19.1R3-S5" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "19.2", + "version_value": "19.2R1-S7, 19.2R3-S2" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "19.3", + "version_value": "19.3R3-S2" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "19.4", + "version_value": "19.4R3-S3" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "20.1", + "version_value": "20.1R2-S2, 20.1R3" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "20.2", + "version_value": "20.2R3" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "20.3", + "version_value": "20.3R3" + }, + { + "platform": "QFX10K Series", + "version_affected": "<", + "version_name": "20.4", + "version_value": "20.4R2" + } + ] + } + } + ] + }, + "vendor_name": "Juniper Networks" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). The issue is caused by DVMRP packets looping on a multi-homed Ethernet Segment Identifier (ESI) when VXLAN is configured. DVMRP packets received on a multi-homed ESI are sent to the peer, and then incorrectly forwarded out the same ESI, violating the split horizon rule.\n\nThis issue only affects QFX10K Series switches, including the QFX10002, QFX10008, and QFX10016. Other products and platforms are unaffected by this vulnerability.\nThis issue affects Juniper Networks Junos OS on QFX10K Series:\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 version 18.2R1 and later versions;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S9, 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S2;\n19.3 versions prior to 19.3R3-S2;\n19.4 versions prior to 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R3;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2." } ] - } + }, + "exploit": [ + { + "lang": "eng", + "value": "Juniper SIRT is not aware of any malicious exploitation of this vulnerability." + } + ], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "ADJACENT_NETWORK", + "availabilityImpact": "LOW", + "baseScore": 6.1, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-697 Incorrect Comparison" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://kb.juniper.net/JSA11208", + "refsource": "CONFIRM", + "url": "https://kb.juniper.net/JSA11208" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "The following software releases have been updated to resolve this specific issue: Junos OS 17.3R3-S12, 17.4R3-S5, 18.1R3-S13, 18.3R3-S5, 18.4R2-S9, 18.4R3-S8, 19.1R3-S5, 19.2R1-S7, 19.2R3-S2, 19.3R3-S2, 19.4R3-S3, 20.1R2-S2, 20.1R3, 20.2R3, 20.3R3, 20.4R2, 21.1R1, and all subsequent releases.\n" + } + ], + "source": { + "advisory": "JSA11208", + "defect": [ + "1539194" + ], + "discovery": "USER" + }, + "work_around": [ + { + "lang": "eng", + "value": "There are no viable workarounds for this issue.\n\nService may be temporarily restored by disabling/enabled the IRB affected by this issue. Note that this will cause a temporary service interruption as the interface is flapped.\n" + } + ] } \ No newline at end of file From fabd2210705052da17110bcc703a878e28fa99f4 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 15 Jul 2021 20:00:49 +0000 Subject: [PATCH 08/26] "-Synchronized-Data." --- 2020/11xxx/CVE-2020-11632.json | 50 ++++++++++++++++++++-- 2020/11xxx/CVE-2020-11634.json | 50 ++++++++++++++++++++-- 2021/36xxx/CVE-2021-36753.json | 77 ++++++++++++++++++++++++++++++++++ 3 files changed, 171 insertions(+), 6 deletions(-) create mode 100644 2021/36xxx/CVE-2021-36753.json diff --git a/2020/11xxx/CVE-2020-11632.json b/2020/11xxx/CVE-2020-11632.json index 4a3400f3178..434b2a2268f 100644 --- a/2020/11xxx/CVE-2020-11632.json +++ b/2020/11xxx/CVE-2020-11632.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-11632", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@zscaler.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.105", + "url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.105" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Zscaler Client Connector prior to 2.1.2.150 did not quote the search path for services, which allows a local adversary to execute code with system privileges." } ] } diff --git a/2020/11xxx/CVE-2020-11634.json b/2020/11xxx/CVE-2020-11634.json index e8ef90a4906..88219e37d41 100644 --- a/2020/11xxx/CVE-2020-11634.json +++ b/2020/11xxx/CVE-2020-11634.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-11634", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cve@zscaler.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.105", + "url": "https://help.zscaler.com/zscaler-client-connector/client-connector-app-release-summary-2020?applicable_category=Windows&applicable_version=2.1.2.105" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "The Zscaler Client Connector for Windows prior to 2.1.2.105 had a DLL hijacking vulnerability caused due to the configuration of OpenSSL. A local adversary may be able to execute arbitrary code in the SYSTEM context." } ] } diff --git a/2021/36xxx/CVE-2021-36753.json b/2021/36xxx/CVE-2021-36753.json new file mode 100644 index 00000000000..803ea8792bf --- /dev/null +++ b/2021/36xxx/CVE-2021-36753.json @@ -0,0 +1,77 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-36753", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "sharkdp BAT before 0.18.2 executes less.exe from the current working directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/sharkdp/bat/releases/tag/v0.18.2", + "refsource": "MISC", + "name": "https://github.com/sharkdp/bat/releases/tag/v0.18.2" + }, + { + "url": "https://github.com/sharkdp/bat/pull/1724", + "refsource": "MISC", + "name": "https://github.com/sharkdp/bat/pull/1724" + }, + { + "url": "https://github.com/sharkdp/bat/commit/bf2b2df9c9e218e35e5a38ce3d03cffb7c363956", + "refsource": "MISC", + "name": "https://github.com/sharkdp/bat/commit/bf2b2df9c9e218e35e5a38ce3d03cffb7c363956" + }, + { + "url": "https://vuln.ryotak.me/advisories/53", + "refsource": "MISC", + "name": "https://vuln.ryotak.me/advisories/53" + } + ] + } +} \ No newline at end of file From 1d802886b36fdcb8bd31128e60b30fd01daeb1fc Mon Sep 17 00:00:00 2001 From: "Shelby J. Cunningham" Date: Thu, 15 Jul 2021 16:36:00 -0400 Subject: [PATCH 09/26] Add CVE-2021-32764 for GHSA-9x4c-29xg-56hw --- 2021/32xxx/CVE-2021-32764.json | 77 +++++++++++++++++++++++++++++++--- 1 file changed, 71 insertions(+), 6 deletions(-) diff --git a/2021/32xxx/CVE-2021-32764.json b/2021/32xxx/CVE-2021-32764.json index 2fe5c90f36b..04ba6028ecd 100644 --- a/2021/32xxx/CVE-2021-32764.json +++ b/2021/32xxx/CVE-2021-32764.json @@ -1,18 +1,83 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security-advisories@github.com", "ID": "CVE-2021-32764", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "YouTube Onebox susceptible to XSS" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "discourse", + "version": { + "version_data": [ + { + "version_value": "<= 2.7.5" + } + ] + } + } + ] + }, + "vendor_name": "discourse" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. The issue is patched in `stable` version 2.7.6, `beta` version 2.8.0.beta3, and `tests-passed` version 2.8.0.beta3. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks." } ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://github.com/discourse/discourse/security/advisories/GHSA-9x4c-29xg-56hw", + "refsource": "CONFIRM", + "url": "https://github.com/discourse/discourse/security/advisories/GHSA-9x4c-29xg-56hw" + } + ] + }, + "source": { + "advisory": "GHSA-9x4c-29xg-56hw", + "discovery": "UNKNOWN" } } \ No newline at end of file From 89831948a66ccbca78a31970ca8bb9d69794410f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 15 Jul 2021 21:01:00 +0000 Subject: [PATCH 10/26] "-Synchronized-Data." --- 2021/0xxx/CVE-2021-0276.json | 2 +- 2021/0xxx/CVE-2021-0277.json | 2 +- 2021/0xxx/CVE-2021-0278.json | 2 +- 2021/0xxx/CVE-2021-0279.json | 2 +- 2021/0xxx/CVE-2021-0280.json | 2 +- 2021/0xxx/CVE-2021-0281.json | 2 +- 2021/0xxx/CVE-2021-0282.json | 2 +- 2021/0xxx/CVE-2021-0283.json | 2 +- 2021/0xxx/CVE-2021-0285.json | 2 +- 2021/0xxx/CVE-2021-0286.json | 2 +- 2021/0xxx/CVE-2021-0287.json | 2 +- 2021/0xxx/CVE-2021-0288.json | 2 +- 2021/0xxx/CVE-2021-0289.json | 4 ++-- 2021/0xxx/CVE-2021-0290.json | 2 +- 2021/0xxx/CVE-2021-0291.json | 2 +- 2021/0xxx/CVE-2021-0292.json | 2 +- 2021/0xxx/CVE-2021-0293.json | 2 +- 2021/0xxx/CVE-2021-0294.json | 2 +- 2021/0xxx/CVE-2021-0295.json | 2 +- 2021/32xxx/CVE-2021-32764.json | 2 +- 20 files changed, 21 insertions(+), 21 deletions(-) diff --git a/2021/0xxx/CVE-2021-0276.json b/2021/0xxx/CVE-2021-0276.json index 799d4254687..c27e2c664b6 100644 --- a/2021/0xxx/CVE-2021-0276.json +++ b/2021/0xxx/CVE-2021-0276.json @@ -54,7 +54,7 @@ "description_data": [ { "lang": "eng", - "value": "A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). \n\n\n \nThis issue affects Juniper Networks SBR Carrier:\n8.4.1 versions prior to 8.4.1R19;\n8.5.0 versions prior to 8.5.0R10;\n8.6.0 versions prior to 8.6.0R4.\n" + "value": "A stack-based Buffer Overflow vulnerability in Juniper Networks SBR Carrier with EAP (Extensible Authentication Protocol) authentication configured, allows an attacker sending specific packets causing the radius daemon to crash resulting with a Denial of Service (DoS) or leading to remote code execution (RCE). By continuously sending this specific packets, an attacker can repeatedly crash the radius daemon, causing a sustained Denial of Service (DoS). This issue affects Juniper Networks SBR Carrier: 8.4.1 versions prior to 8.4.1R19; 8.5.0 versions prior to 8.5.0R10; 8.6.0 versions prior to 8.6.0R4." } ] }, diff --git a/2021/0xxx/CVE-2021-0277.json b/2021/0xxx/CVE-2021-0277.json index e8d0ed8abd4..7215504fca9 100644 --- a/2021/0xxx/CVE-2021-0277.json +++ b/2021/0xxx/CVE-2021-0277.json @@ -136,7 +136,7 @@ "description_data": [ { "lang": "eng", - "value": "An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition.\n\nThis issue affects:\nJuniper Networks Junos OS:\n12.3 versions prior to 12.3R12-S18;\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R3-S3;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R3-S1;\n20.3 versions prior to 20.3R2-S1, 20.3R3;\n20.4 versions prior to 20.4R2.\n\nJuniper Networks Junos OS Evolved versions prior to 20.4R2-EVO." + "value": "An Out-of-bounds Read vulnerability in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd) of Juniper Networks Junos OS and Junos OS Evolved may allow an attacker to cause a Denial of Service (DoS), or may lead to remote code execution (RCE). Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3-S1; 20.3 versions prior to 20.3R2-S1, 20.3R3; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved versions prior to 20.4R2-EVO." } ] }, diff --git a/2021/0xxx/CVE-2021-0278.json b/2021/0xxx/CVE-2021-0278.json index e2cf42d43d6..556e56c78d3 100644 --- a/2021/0xxx/CVE-2021-0278.json +++ b/2021/0xxx/CVE-2021-0278.json @@ -89,7 +89,7 @@ "description_data": [ { "lang": "eng", - "value": "An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device.\n\njunos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1\nThis issue affects:\nJuniper Networks Junos OS\n19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 19.3R1." + "value": "An Improper Input Validation vulnerability in J-Web of Juniper Networks Junos OS allows a locally authenticated attacker to escalate their privileges to root over the target device. junos:18.3R3-S5 junos:18.4R3-S9 junos:19.1R3-S6 junos:19.3R2-S6 junos:19.3R3-S3 junos:19.4R1-S4 junos:19.4R3-S4 junos:20.1R2-S2 junos:20.1R3 junos:20.2R3-S1 junos:20.3X75-D20 junos:20.3X75-D30 junos:20.4R2-S1 junos:20.4R3 junos:21.1R1-S1 junos:21.1R2 junos:21.2R1 junos:21.3R1 This issue affects: Juniper Networks Junos OS 19.3 versions 19.3R1 and above prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2. This issue does not affect Juniper Networks Junos OS versions prior to 19.3R1." } ] }, diff --git a/2021/0xxx/CVE-2021-0279.json b/2021/0xxx/CVE-2021-0279.json index 3ea35411710..eed2c56d273 100644 --- a/2021/0xxx/CVE-2021-0279.json +++ b/2021/0xxx/CVE-2021-0279.json @@ -37,7 +37,7 @@ "description_data": [ { "lang": "eng", - "value": "Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative service for RabbitMQ (e.g. GUI), can use these hardcoded credentials to cause a Denial of Service (DoS) or have access to unspecified sensitive system information.\n\nThis issue affects the Juniper Networks Contrail Cloud releases on versions prior to 13.6.0.\n\n" + "value": "Juniper Networks Contrail Cloud (CC) releases prior to 13.6.0 have RabbitMQ service enabled by default with hardcoded credentials. The messaging services of RabbitMQ are used when coordinating operations and status information among Contrail services. An attacker with access to an administrative service for RabbitMQ (e.g. GUI), can use these hardcoded credentials to cause a Denial of Service (DoS) or have access to unspecified sensitive system information. This issue affects the Juniper Networks Contrail Cloud releases on versions prior to 13.6.0." } ] }, diff --git a/2021/0xxx/CVE-2021-0280.json b/2021/0xxx/CVE-2021-0280.json index b322f8b473f..81be17d62af 100644 --- a/2021/0xxx/CVE-2021-0280.json +++ b/2021/0xxx/CVE-2021-0280.json @@ -111,7 +111,7 @@ "description_data": [ { "lang": "eng", - "value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Flapping of BFD sessions in turn may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects only the following platforms with Paradise (PE) chipset-based line cards:\nPTX1000, PTX3000 (NextGen), PTX5000, PTX10008, PTX10016 Series and QFX10002 Series.\nThis issue affects:\nJuniper Networks Junos OS\n17.4 versions prior to 17.4R3-S5 on PTX Series, QFX10K Series;\n18.2 versions prior to 18.2R3-S8 on PTX Series, QFX10K Series;\n18.3 versions prior to 18.3R3-S5 on PTX Series, QFX10K Series;\n18.4 versions prior to 18.4R2-S8 on PTX Series, QFX10K Series;\n19.1 versions prior to 19.1R3-S5 on PTX Series, QFX10K Series;\n19.2 versions prior to 19.2R3-S2 on PTX Series, QFX10K Series;\n19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K Series;\n19.4 versions prior to 19.4R3-S2 on PTX Series, QFX10K Series;\n20.1 versions prior to 20.1R3 on PTX Series, QFX10K Series;\n20.2 versions prior to 20.2R2-S3, 20.2R3 on PTX Series, QFX10K Series;\n20.3 versions prior to 20.3R2 on PTX Series, QFX10K Series;\n20.4 versions prior to 20.4R2 on PTX Series, QFX10K Series." + "value": "Due to an Improper Initialization vulnerability in Juniper Networks Junos OS on PTX platforms and QFX10K Series with Paradise (PE) chipset-based line cards, ddos-protection configuration changes made from the CLI will not take effect as expected beyond the default DDoS (Distributed Denial of Service) settings in the Packet Forwarding Engine (PFE). This may cause BFD sessions to flap when a high rate of specific packets are received. Flapping of BFD sessions in turn may impact routing protocols and network stability, leading to a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects only the following platforms with Paradise (PE) chipset-based line cards: PTX1000, PTX3000 (NextGen), PTX5000, PTX10008, PTX10016 Series and QFX10002 Series. This issue affects: Juniper Networks Junos OS 17.4 versions prior to 17.4R3-S5 on PTX Series, QFX10K Series; 18.2 versions prior to 18.2R3-S8 on PTX Series, QFX10K Series; 18.3 versions prior to 18.3R3-S5 on PTX Series, QFX10K Series; 18.4 versions prior to 18.4R2-S8 on PTX Series, QFX10K Series; 19.1 versions prior to 19.1R3-S5 on PTX Series, QFX10K Series; 19.2 versions prior to 19.2R3-S2 on PTX Series, QFX10K Series; 19.3 versions prior to 19.3R3-S2 on PTX Series, QFX10K Series; 19.4 versions prior to 19.4R3-S2 on PTX Series, QFX10K Series; 20.1 versions prior to 20.1R3 on PTX Series, QFX10K Series; 20.2 versions prior to 20.2R2-S3, 20.2R3 on PTX Series, QFX10K Series; 20.3 versions prior to 20.3R2 on PTX Series, QFX10K Series; 20.4 versions prior to 20.4R2 on PTX Series, QFX10K Series." } ] }, diff --git a/2021/0xxx/CVE-2021-0281.json b/2021/0xxx/CVE-2021-0281.json index 0d7f0e7ce16..b1e6238f7ba 100644 --- a/2021/0xxx/CVE-2021-0281.json +++ b/2021/0xxx/CVE-2021-0281.json @@ -121,7 +121,7 @@ "description_data": [ { "lang": "eng", - "value": "On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition.\nContinued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition.\n\nThis issue affects:\nJuniper Networks Junos OS\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R2-S4, 19.4R3-S3;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3;\n20.3 versions prior to 20.3R2;\n20.4 versions prior to 20.4R2.\n\nJuniper Networks Junos OS Evolved\nAll versions prior to 20.4R2-S2-EVO." + "value": "On Juniper Networks Junos OS devices configured with BGP origin validation using Resource Public Key Infrastructure (RPKI) receipt of a specific packet from the RPKI cache server may cause routing process daemon (RPD) to crash and restart, creating a Denial of Service (DoS) condition. Continued receipt and processing of this packet will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R2-S4, 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2. Juniper Networks Junos OS Evolved All versions prior to 20.4R2-S2-EVO." } ] }, diff --git a/2021/0xxx/CVE-2021-0282.json b/2021/0xxx/CVE-2021-0282.json index b37ef4a7162..2cc7dbfb099 100644 --- a/2021/0xxx/CVE-2021-0282.json +++ b/2021/0xxx/CVE-2021-0282.json @@ -84,7 +84,7 @@ "description_data": [ { "lang": "eng", - "value": "On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition.\n\nThis BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart.\n\nThis issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network.\n\nJunos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue.\n\n\nThis issue affects:\nJuniper Networks Junos OS\n12.3 versions prior to 12.3R12-S18;\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S11;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S4;\n18.1 versions prior to 18.1R3-S12;\n18.2 versions prior to 18.2R3-S7;\n18.3 versions prior to 18.3R3-S4;\n18.4 versions prior to 18.4R2-S6, 18.4R3-S6;\n19.1 versions prior to 19.1R3-S3;\n" + "value": "On Juniper Networks Junos OS devices with Multipath or add-path feature enabled, processing a specific BGP UPDATE can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued receipt and processing of this UPDATE message will create a sustained Denial of Service (DoS) condition. This BGP UPDATE message can propagate to other BGP peers with vulnerable Junos versions on which Multipath or add-path feature is enabled, and cause RPD to crash and restart. This issue affects both IBGP and EBGP deployments in IPv4 or IPv6 network. Junos OS devices that do not have the BGP Multipath or add-path feature enabled are not affected by this issue. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S18; 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S4; 18.1 versions prior to 18.1R3-S12; 18.2 versions prior to 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R2-S6, 18.4R3-S6; 19.1 versions prior to 19.1R3-S3;" } ] }, diff --git a/2021/0xxx/CVE-2021-0283.json b/2021/0xxx/CVE-2021-0283.json index 1c91a02aafc..214899af3e0 100644 --- a/2021/0xxx/CVE-2021-0283.json +++ b/2021/0xxx/CVE-2021-0283.json @@ -138,7 +138,7 @@ "description_data": [ { "lang": "eng", - "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS).\n\nBy repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition.\n\nThe device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files:\n \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\"\n\nThese issue are only triggered by traffic destined to the device. Transit traffic will not trigger these issues.\nThis issue affects:\nJuniper Networks Junos OS\n12.3 versions prior to 12.3R12-S19;\n15.1 versions prior to 15.1R7-S10;\n16.1 version 16.1R1 and later versions;\n16.2 version 16.2R1 and later versions;\n17.1 version 17.1R1 and later versions;\n17.2 version 17.2R1 and later versions;\n17.3 version 17.3R1 and later versions;\n18.1 versions prior to 18.1R3-S13;\n18.2 version 18.2R1 and later versions;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior ot 18.4R3-S9;\n19.1 versions prior to 19.1R3-S6;\n19.2 versions prior to 19.2R3-S3;\n19.3 versions prior to 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R3-S5;\n20.1 versions prior to 20.1R2-S2, 20.1R3-S1;\n20.2 versions prior to 20.2R3-S2;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2-S1, 20.4R3;\n21.1 versions prior to 21.1R1-S1, 21.1R2;\n21.2 versions prior to 21.2R2." + "value": "A buffer overflow vulnerability in the TCP/IP stack of Juniper Networks Junos OS allows an attacker to send specific sequences of packets to the device thereby causing a Denial of Service (DoS). By repeatedly sending these sequences of packets to the device, an attacker can sustain the Denial of Service (DoS) condition. The device will abnormally shut down as a result of these sent packets. A potential indicator of compromise will be the following message in the log files: \"eventd[13955]: SYSTEM_ABNORMAL_SHUTDOWN: System abnormally shut down\" These issue are only triggered by traffic destined to the device. Transit traffic will not trigger these issues. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 16.1 version 16.1R1 and later versions; 16.2 version 16.2R1 and later versions; 17.1 version 17.1R1 and later versions; 17.2 version 17.2R1 and later versions; 17.3 version 17.3R1 and later versions; 18.1 versions prior to 18.1R3-S13; 18.2 version 18.2R1 and later versions; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior ot 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2; 21.2 versions prior to 21.2R2." } ] }, diff --git a/2021/0xxx/CVE-2021-0285.json b/2021/0xxx/CVE-2021-0285.json index e089cd00293..e4cd226ae1a 100644 --- a/2021/0xxx/CVE-2021-0285.json +++ b/2021/0xxx/CVE-2021-0285.json @@ -117,7 +117,7 @@ "description_data": [ { "lang": "eng", - "value": "An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable control connection between the Multi-Chassis Link Aggregation Group (MC-LAG) nodes which can in turn lead to traffic loss.\nContinued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition.\n\nAn indication that the system could be impacted by this issue is the following log message:\n \"DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception LOCALNH:aggregate exceeded its allowed bandwidth at fpc for times, started at \"\nThis issue affects Juniper Networks Junos OS on QFX5000 Series and EX4600 Series:\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S11;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S5;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S7;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R1-S6, 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R2-S3, 20.2R3;\n20.3 versions prior to 20.3R2;\n20.4 versions prior to 20.4R1-S1, 20.4R2." + "value": "An uncontrolled resource consumption vulnerability in Juniper Networks Junos OS on QFX5000 Series and EX4600 Series switches allows an attacker sending large amounts of legitimate traffic destined to the device to cause Interchassis Control Protocol (ICCP) interruptions, leading to an unstable control connection between the Multi-Chassis Link Aggregation Group (MC-LAG) nodes which can in turn lead to traffic loss. Continued receipt of this amount of traffic will create a sustained Denial of Service (DoS) condition. An indication that the system could be impacted by this issue is the following log message: \"DDOS_PROTOCOL_VIOLATION_SET: Warning: Host-bound traffic for protocol/exception LOCALNH:aggregate exceeded its allowed bandwidth at fpc for times, started at \" This issue affects Juniper Networks Junos OS on QFX5000 Series and EX4600 Series: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S11; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S7; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R2-S3, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R1-S1, 20.4R2." } ] }, diff --git a/2021/0xxx/CVE-2021-0286.json b/2021/0xxx/CVE-2021-0286.json index 96853f63fd7..3d0032d37ea 100644 --- a/2021/0xxx/CVE-2021-0286.json +++ b/2021/0xxx/CVE-2021-0286.json @@ -42,7 +42,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all traffic going through the FPC, resulting in a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition.\n\nFollowing messages will be logged prior to the crash:\n Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:35\n Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:37\n Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:44\n Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:47\n Feb 2 10:14:39 fpc0 audit[16263]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=11\n Feb 2 10:14:39 fpc0 kernel: audit: type=1701 audit(1612260879.272:17): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=1\n\nThis issue affects Juniper Networks Junos OS Evolved: \nAll versions prior to 20.4R2-EVO;\n21.1 versions prior to 21.1R2-EVO.\n" + "value": "A vulnerability in the handling of exceptional conditions in Juniper Networks Junos OS Evolved (EVO) allows an attacker to send specially crafted packets to the device, causing the Advanced Forwarding Toolkit manager (evo-aftmand-bt or evo-aftmand-zx) process to crash and restart, impacting all traffic going through the FPC, resulting in a Denial of Service (DoS). Continued receipt and processing of these packets will create a sustained Denial of Service (DoS) condition. Following messages will be logged prior to the crash: Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:35 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:37 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:19241453497049 label:1089551617 for session:18 probe:44 Feb 2 10:14:39 fpc0 evo-aftmand-bt[16263]: [Error] Nexthop: Failed to get fwd nexthop for nexthop:32710470974358 label:1089551617 for session:18 probe:47 Feb 2 10:14:39 fpc0 audit[16263]: ANOM_ABEND auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=11 Feb 2 10:14:39 fpc0 kernel: audit: type=1701 audit(1612260879.272:17): auid=4294967295 uid=0 gid=0 ses=4294967295 pid=16263 comm=\"EvoAftManBt-mai\" exe=\"/usr/sbin/evo-aftmand-bt\" sig=1 This issue affects Juniper Networks Junos OS Evolved: All versions prior to 20.4R2-EVO; 21.1 versions prior to 21.1R2-EVO." } ] }, diff --git a/2021/0xxx/CVE-2021-0287.json b/2021/0xxx/CVE-2021-0287.json index 72b4d864d35..5182c79ad84 100644 --- a/2021/0xxx/CVE-2021-0287.json +++ b/2021/0xxx/CVE-2021-0287.json @@ -104,7 +104,7 @@ "description_data": [ { "lang": "eng", - "value": "In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued link flaps will create a sustained Denial of Service (DoS) condition.\n\n\n\n\n\n\n\n\n\n\n\n\n\nThis issue affects:\nJuniper Networks Junos OS:\n19.4 versions prior to 19.4R1-S4, 19.4R3-S2;\n20.1 versions prior to 20.1R2-S1, 20.1R3;\n20.2 versions prior to 20.2R2-S2, 20.2R3;\n20.3 versions prior to 20.3R2;\n\nJuniper Networks Junos OS Evolved:\n20.3-EVO versions prior to 20.3R2-EVO;\n20.4-EVO versions prior to 20.4R2-EVO.\n\nThis issue does not affect:\nJuniper Networks Junos OS releases prior to 19.4R1.\nJuniper Networks Junos OS Evolved releases prior to 19.4R1-EVO." + "value": "In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices, configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of a ISIS link in the network, can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued link flaps will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 19.4 versions prior to 19.4R1-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; Juniper Networks Junos OS Evolved: 20.3-EVO versions prior to 20.3R2-EVO; 20.4-EVO versions prior to 20.4R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO." } ] }, diff --git a/2021/0xxx/CVE-2021-0288.json b/2021/0xxx/CVE-2021-0288.json index f598b66746a..049a6831048 100644 --- a/2021/0xxx/CVE-2021-0288.json +++ b/2021/0xxx/CVE-2021-0288.json @@ -117,7 +117,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. Continued receipt of this packet will sustain the Denial of Service (DoS) condition.\n\nThis issue only affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines).\nThis issue affects Juniper Networks Junos OS on MX Series, EX9200 Series:\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 versions prior to 18.2R3-S8;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8, 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S3;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R2-S2, 20.2R3;\n20.3 versions prior to 20.3R2;\n20.4 versions prior to 20.4R2;" + "value": "A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Port Concentrators) may cause FPC to crash and lead to a Denial of Service (DoS) condition. Continued receipt of this packet will sustain the Denial of Service (DoS) condition. This issue only affects MX Series and EX9200 Series with Trio-based PFEs (Packet Forwarding Engines). This issue affects Juniper Networks Junos OS on MX Series, EX9200 Series: 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 versions prior to 18.2R3-S8; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S3; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3-S2; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; 20.4 versions prior to 20.4R2;" } ] }, diff --git a/2021/0xxx/CVE-2021-0289.json b/2021/0xxx/CVE-2021-0289.json index db00cf96b04..9eac34d0b54 100644 --- a/2021/0xxx/CVE-2021-0289.json +++ b/2021/0xxx/CVE-2021-0289.json @@ -195,7 +195,7 @@ "configuration": [ { "lang": "eng", - "value": "First in config CLI mode check that is there any user ARP policers configured on an ae interface:\n\n show configuration | display set | match jtac-arp\n set groups jtac-arp-policer interfaces ae5 unit <*> family inet policer arp jtac-arp <<< this shows user arp policer configured on all ae interfaces\n\nNext validate which ARP policer is installed by using the operational cli command:\n\n“show interfaces extensive | match policer”\n show interfaces extensive | match policer\n Policer: Input: __default_arp_policer__ <<< incorrect if user arp policer was applied on ae interface and default arp policer is displayed\n Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user arp policer was applied on ae interface\n " + "value": "First in config CLI mode check that is there any user ARP policers configured on an ae interface:\n\n show configuration | display set | match jtac-arp\n set groups jtac-arp-policer interfaces ae5 unit <*> family inet policer arp jtac-arp <<< this shows user arp policer configured on all ae interfaces\n\nNext validate which ARP policer is installed by using the operational cli command:\n\n\u201cshow interfaces extensive | match policer\u201d\n show interfaces extensive | match policer\n Policer: Input: __default_arp_policer__ <<< incorrect if user arp policer was applied on ae interface and default arp policer is displayed\n Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user arp policer was applied on ae interface\n " } ], "data_format": "MITRE", @@ -205,7 +205,7 @@ "description_data": [ { "lang": "eng", - "value": "When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer.\n\nTo review the desired ARP Policers and actual state one can run the command \"show interfaces <> extensive\" and review the output. See further details below.\n\nAn example output is:\n \n show interfaces extensive | match policer\n Policer: Input: __default_arp_policer__ <<< incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed\n Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user ARP Policer was applied on an AE interface\n\nFor all platforms, except SRX Series:\n\nThis issue affects Juniper Networks Junos OS:\nAll versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions;\n19.4 versions prior to 19.4R3-S3;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3-S2;\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R2;\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 5.6R1.\n\nOn SRX Series this issue affects Juniper Networks Junos OS: \n\n18.4 versions prior to 18.4R2-S9, 18.4R3-S9;\n19.4 versions prior to 19.4R3-S4;\n20.1 versions prior to 20.1R3;\n20.2 versions prior to 20.2R3-S2;\n20.3 version 20.3R1 and later versions;\n20.4 versions prior to 20.4R3;\n21.1 versions prior to 21.1R2.\n\nThis issue does not affect 18.4 versions prior to 18.4R1 on SRX Series.\n\nThis issue does not affect Junos OS Evolved.\n" + "value": "When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability between the Device Control Daemon (DCD) and firewall process (dfwd) daemons of Juniper Networks Junos OS allows an attacker to bypass the user-defined ARP Policer. In this particular case the User ARP policer is replaced with default ARP policer. To review the desired ARP Policers and actual state one can run the command \"show interfaces <> extensive\" and review the output. See further details below. An example output is: show interfaces extensive | match policer Policer: Input: __default_arp_policer__ <<< incorrect if user ARP Policer was applied on an AE interface and the default ARP Policer is displayed Policer: Input: jtac-arp-ae5.317-inet-arp <<< correct if user ARP Policer was applied on an AE interface For all platforms, except SRX Series: This issue affects Juniper Networks Junos OS: All versions 5.6R1 and all later versions prior to 18.4 versions prior to 18.4R2-S9, 18.4R3-S9 with the exception of 15.1 versions 15.1R7-S10 and later versions; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2; This issue does not affect Juniper Networks Junos OS versions prior to 5.6R1. On SRX Series this issue affects Juniper Networks Junos OS: 18.4 versions prior to 18.4R2-S9, 18.4R3-S9; 19.4 versions prior to 19.4R3-S4; 20.1 versions prior to 20.1R3; 20.2 versions prior to 20.2R3-S2; 20.3 version 20.3R1 and later versions; 20.4 versions prior to 20.4R3; 21.1 versions prior to 21.1R2. This issue does not affect 18.4 versions prior to 18.4R1 on SRX Series. This issue does not affect Junos OS Evolved." } ] }, diff --git a/2021/0xxx/CVE-2021-0290.json b/2021/0xxx/CVE-2021-0290.json index 2f124e441fe..d63deb045a3 100644 --- a/2021/0xxx/CVE-2021-0290.json +++ b/2021/0xxx/CVE-2021-0290.json @@ -109,7 +109,7 @@ "description_data": [ { "lang": "eng", - "value": "Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service (DoS) condition. The interface does not recover on its own and the FPC must be reset manually. Continued receipt and processing of these frames will create a sustained Denial of Service (DoS) condition.\n\nThis issue is platform-specific and affects the following platforms and line cards:\n\n* MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020\n* MX204, MX10003, MX10008, MX10016\n* EX9200, EX9251\n* SRX4600\n\nNo other products or platforms are affected by this vulnerability.\n\nAn indication of this issue occurring can be seen in the system log messages, as shown below:\n\n user@host> show log messages | match \"Failed to complete DFE tuning\" \n fpc4 smic_phy_dfe_tuning_state: et-4/1/6 - Failed to complete DFE tuning (count 3)\n\nand interface will be in a permanently down state:\n\n user@host> show interfaces et-4/1/6 terse \n Interface Admin Link Proto Local Remote\n et-4/1/6 up down\n et-4/1/6.0 up down aenet --> ae101.0\n\nThis issue affects Juniper Networks Junos OS:\n16.1 versions prior to 16.1R7-S7 on MX Series;\n17.1R1 and later versions prior to 17.2R3-S3 on MX Series;\n17.3 versions prior to 17.3R3-S8 on MX Series;\n17.4 versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, SRX4600;\n18.1 versions prior to 18.1R3-S10 on MX Series, EX9200 Series, SRX4600;\n18.2 versions prior to 18.2R3-S3 on MX Series, EX9200 Series, SRX4600;\n18.3 versions prior to 18.3R3-S1 on MX Series, EX9200 Series, SRX4600;\n18.4 versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 Series, SRX4600;\n19.1 versions prior to 19.1R2-S1, 19.1R3 on MX Series, EX9200 Series, SRX4600;\n19.2 versions prior to 19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600;\n19.3 versions prior to 19.3R2 on MX Series, EX9200 Series, SRX4600.\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 16.1R1." + "value": "Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted frames over the local Ethernet segment, causing the interface to go into a down state, resulting in a Denial of Service (DoS) condition. The interface does not recover on its own and the FPC must be reset manually. Continued receipt and processing of these frames will create a sustained Denial of Service (DoS) condition. This issue is platform-specific and affects the following platforms and line cards: * MPC7E/8E/9E and MPC10E on MX240, MX480, MX960, MX2008, MX2010, and MX2020 * MX204, MX10003, MX10008, MX10016 * EX9200, EX9251 * SRX4600 No other products or platforms are affected by this vulnerability. An indication of this issue occurring can be seen in the system log messages, as shown below: user@host> show log messages | match \"Failed to complete DFE tuning\" fpc4 smic_phy_dfe_tuning_state: et-4/1/6 - Failed to complete DFE tuning (count 3) and interface will be in a permanently down state: user@host> show interfaces et-4/1/6 terse Interface Admin Link Proto Local Remote et-4/1/6 up down et-4/1/6.0 up down aenet --> ae101.0 This issue affects Juniper Networks Junos OS: 16.1 versions prior to 16.1R7-S7 on MX Series; 17.1R1 and later versions prior to 17.2R3-S3 on MX Series; 17.3 versions prior to 17.3R3-S8 on MX Series; 17.4 versions prior to 17.4R2-S11, 17.4R3-S1 on MX Series, SRX4600; 18.1 versions prior to 18.1R3-S10 on MX Series, EX9200 Series, SRX4600; 18.2 versions prior to 18.2R3-S3 on MX Series, EX9200 Series, SRX4600; 18.3 versions prior to 18.3R3-S1 on MX Series, EX9200 Series, SRX4600; 18.4 versions prior to 18.4R2-S3, 18.4R3 on MX Series, EX9200 Series, SRX4600; 19.1 versions prior to 19.1R2-S1, 19.1R3 on MX Series, EX9200 Series, SRX4600; 19.2 versions prior to 19.2R1-S3, 19.2R2 on MX Series, EX9200 Series, SRX4600; 19.3 versions prior to 19.3R2 on MX Series, EX9200 Series, SRX4600. This issue does not affect Juniper Networks Junos OS versions prior to 16.1R1." } ] }, diff --git a/2021/0xxx/CVE-2021-0291.json b/2021/0xxx/CVE-2021-0291.json index 225235d5133..b40d029db58 100644 --- a/2021/0xxx/CVE-2021-0291.json +++ b/2021/0xxx/CVE-2021-0291.json @@ -114,7 +114,7 @@ "description_data": [ { "lang": "eng", - "value": "An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of specific traffic may lead to a partial Denial of Service (DoS) as the CPU utilization of the RE is significantly increased.\n\nThe SNMP Agent Extensibility (agentx) process should only be listening to TCP port 705 on the internal routing instance. External connections destined to port 705 should not be allowed.\n\nThis issue affects:\nJuniper Networks Junos OS:\n15.1 versions prior to 15.1R7-S9;\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R2-S13, 17.4R3-S5;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S2;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3;\n20.1 versions prior to 20.1R2;\n20.2 versions prior to 20.2R2;\n20.3 versions prior to 20.3R2.\n\nJuniper Networks Junos OS Evolved versions prior to 20.3R2-EVO.\n\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 13.2R1.\n" + "value": "An Exposure of System Data vulnerability in Juniper Networks Junos OS and Junos OS Evolved, where a sensitive system-level resource is not being sufficiently protected, allows a network-based unauthenticated attacker to send specific traffic which partially reaches this resource. A high rate of specific traffic may lead to a partial Denial of Service (DoS) as the CPU utilization of the RE is significantly increased. The SNMP Agent Extensibility (agentx) process should only be listening to TCP port 705 on the internal routing instance. External connections destined to port 705 should not be allowed. This issue affects: Juniper Networks Junos OS: 15.1 versions prior to 15.1R7-S9; 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R2-S13, 17.4R3-S5; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S2; 19.4 versions prior to 19.4R1-S4, 19.4R2-S4, 19.4R3; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2; 20.3 versions prior to 20.3R2. Juniper Networks Junos OS Evolved versions prior to 20.3R2-EVO. This issue does not affect Juniper Networks Junos OS versions prior to 13.2R1." } ] }, diff --git a/2021/0xxx/CVE-2021-0292.json b/2021/0xxx/CVE-2021-0292.json index a37fc2ecfb3..0c7a3ac4268 100644 --- a/2021/0xxx/CVE-2021-0292.json +++ b/2021/0xxx/CVE-2021-0292.json @@ -52,7 +52,7 @@ "description_data": [ { "lang": "eng", - "value": "An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. Link-layer functions such as IPv4 and/or IPv6 address resolution may be impacted, leading to traffic loss. The processes do not recover on their own and must be manually restarted. \n\nChanges in memory usage can be monitored using the following shell commands (header shown for clarity):\n\n user@router:/var/log# ps aux | grep arpd\n USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND\n root 31418 59.0 0.7 *5702564* 247952 ? xxx /usr/sbin/arpd --app-name arpd -I object_select --shared-objects-mode 3\n\n user@router:/var/log# ps aux | grep arpd\n USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND\n root 31418 49.1 1.0 *5813156* 351184 ? xxx /usr/sbin/arpd --app-name arpd -I object_select --shared-objects-mode 3\n\nMemory usage can be monitored for the ndp process in a similar fashion:\n\n user@router:/var/log# ps aux | grep ndp\n USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND\n root 14935 0.0 0.1 *5614052* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select --app-name ndp --shared-obje\n\n user@router:/var/log# ps aux | grep ndp\n USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND\n root 14935 0.0 0.1 *5725164* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select --app-name ndp --shared-obje\n\nThis issue affects Juniper Networks Junos OS Evolved:\n19.4 versions prior to 19.4R2-S3-EVO;\n20.1 versions prior to 20.1R2-S4-EVO;\nall versions of 20.2-EVO.\n\nThis issue does not affect Juniper Networks Junos OS Evolved versions prior to 19.4R2-EVO." + "value": "An Uncontrolled Resource Consumption vulnerability in the ARP daemon (arpd) and Network Discovery Protocol (ndp) process of Juniper Networks Junos OS Evolved allows a malicious attacker on the local network to consume memory resources, ultimately resulting in a Denial of Service (DoS) condition. Link-layer functions such as IPv4 and/or IPv6 address resolution may be impacted, leading to traffic loss. The processes do not recover on their own and must be manually restarted. Changes in memory usage can be monitored using the following shell commands (header shown for clarity): user@router:/var/log# ps aux | grep arpd USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 31418 59.0 0.7 *5702564* 247952 ? xxx /usr/sbin/arpd --app-name arpd -I object_select --shared-objects-mode 3 user@router:/var/log# ps aux | grep arpd USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 31418 49.1 1.0 *5813156* 351184 ? xxx /usr/sbin/arpd --app-name arpd -I object_select --shared-objects-mode 3 Memory usage can be monitored for the ndp process in a similar fashion: user@router:/var/log# ps aux | grep ndp USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 14935 0.0 0.1 *5614052* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select --app-name ndp --shared-obje user@router:/var/log# ps aux | grep ndp USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND root 14935 0.0 0.1 *5725164* 27256 ? Ssl Jun15 0:17 /usr/sbin/ndp -I no_tab_chk,object_select --app-name ndp --shared-obje This issue affects Juniper Networks Junos OS Evolved: 19.4 versions prior to 19.4R2-S3-EVO; 20.1 versions prior to 20.1R2-S4-EVO; all versions of 20.2-EVO. This issue does not affect Juniper Networks Junos OS Evolved versions prior to 19.4R2-EVO." } ] }, diff --git a/2021/0xxx/CVE-2021-0293.json b/2021/0xxx/CVE-2021-0293.json index 625d997906a..23ebf8337a7 100644 --- a/2021/0xxx/CVE-2021-0293.json +++ b/2021/0xxx/CVE-2021-0293.json @@ -87,7 +87,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed. The amount of memory leaked on each execution depends on the number of TCP connections from and to the system. Repeated execution will cause more memory to leak and eventually daemons that need to allocate additionally memory and ultimately the kernel to crash, which will result in traffic loss.\nContinued execution of this command will cause a sustained Denial of Service (DoS) condition.\n\nAn administrator can use the following CLI command to monitor for increase in memory consumption of the netstat process, if it exists:\n\n user@junos> show system processes extensive | match \"username|netstat\"\n \n PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND\n 21181 root 100 0 5458M 4913M CPU3 2 0:59 97.27% netstat\n\nThe following log message might be observed if this issue happens:\n\n kernel: %KERN-3: pid 21181 (netstat), uid 0, was killed: out of swap space\n\nThis issue affects Juniper Networks Junos OS\n18.2 versions prior to 18.2R2-S8, 18.2R3-S7.\n18.3 versions prior to 18.3R3-S4;\n18.4 versions prior to 18.4R1-S8, 18.4R2-S6, 18.4R3-S7;\n19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4;\n19.2 versions prior to 19.2R1-S6, 19.2R3-S2;\n19.3 versions prior to 19.3R2-S6, 19.3R3-S1;\n19.4 versions prior to 19.4R1-S4, 19.4R2-S3, 19.4R3-S1;\n20.1 versions prior to 20.1R2;\n20.2 versions prior to 20.2R2-S1, 20.2R3;\n20.3 versions prior to 20.3R1-S1, 20.3R2;\n\nThis issue does not affect Juniper Networks Junos OS versions prior to 18.2R1." + "value": "A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed. The amount of memory leaked on each execution depends on the number of TCP connections from and to the system. Repeated execution will cause more memory to leak and eventually daemons that need to allocate additionally memory and ultimately the kernel to crash, which will result in traffic loss. Continued execution of this command will cause a sustained Denial of Service (DoS) condition. An administrator can use the following CLI command to monitor for increase in memory consumption of the netstat process, if it exists: user@junos> show system processes extensive | match \"username|netstat\" PID USERNAME PRI NICE SIZE RES STATE C TIME WCPU COMMAND 21181 root 100 0 5458M 4913M CPU3 2 0:59 97.27% netstat The following log message might be observed if this issue happens: kernel: %KERN-3: pid 21181 (netstat), uid 0, was killed: out of swap space This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R2-S8, 18.2R3-S7. 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S6, 18.4R3-S7; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R1-S4, 19.4R2-S3, 19.4R3-S1; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2-S1, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2; This issue does not affect Juniper Networks Junos OS versions prior to 18.2R1." } ] }, diff --git a/2021/0xxx/CVE-2021-0294.json b/2021/0xxx/CVE-2021-0294.json index 3048fea8b77..e846f4bc645 100644 --- a/2021/0xxx/CVE-2021-0294.json +++ b/2021/0xxx/CVE-2021-0294.json @@ -44,7 +44,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if \"storm-control enhanced\" is configured, can lead to the enhanced storm control filter group not be installed. It will cause storm control not to work hence allowing an attacker to cause high CPU usage or packet loss issues by sending a large amount of broadcast or unknown unicast packets arriving the device.\n\nThis issue affects Juniper Networks QFX5100, QFX5110, QFX5120, QFX5200, QFX5210, EX4600, and EX4650, and QFX5100 with QFX 5e Series image installed.\n\nQFX5130 and QFX5220 are not affected from this issue.\nThis issue affects Juniper Networks Junos OS 18.4R2-S5 on QFX5000 Series and EX4600 Series.\n\nNo other product or platform is affected by this vulnerability.\n" + "value": "A vulnerability in Juniper Networks Junos OS, which only affects the release 18.4R2-S5, where a function is inconsistently implemented on Juniper Networks Junos QFX5000 Series and EX4600 Series, and if \"storm-control enhanced\" is configured, can lead to the enhanced storm control filter group not be installed. It will cause storm control not to work hence allowing an attacker to cause high CPU usage or packet loss issues by sending a large amount of broadcast or unknown unicast packets arriving the device. This issue affects Juniper Networks QFX5100, QFX5110, QFX5120, QFX5200, QFX5210, EX4600, and EX4650, and QFX5100 with QFX 5e Series image installed. QFX5130 and QFX5220 are not affected from this issue. This issue affects Juniper Networks Junos OS 18.4R2-S5 on QFX5000 Series and EX4600 Series. No other product or platform is affected by this vulnerability." } ] }, diff --git a/2021/0xxx/CVE-2021-0295.json b/2021/0xxx/CVE-2021-0295.json index 3d833adb31c..0e9a46741b7 100644 --- a/2021/0xxx/CVE-2021-0295.json +++ b/2021/0xxx/CVE-2021-0295.json @@ -117,7 +117,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). The issue is caused by DVMRP packets looping on a multi-homed Ethernet Segment Identifier (ESI) when VXLAN is configured. DVMRP packets received on a multi-homed ESI are sent to the peer, and then incorrectly forwarded out the same ESI, violating the split horizon rule.\n\nThis issue only affects QFX10K Series switches, including the QFX10002, QFX10008, and QFX10016. Other products and platforms are unaffected by this vulnerability.\nThis issue affects Juniper Networks Junos OS on QFX10K Series:\n17.3 versions prior to 17.3R3-S12;\n17.4 versions prior to 17.4R3-S5;\n18.1 versions prior to 18.1R3-S13;\n18.2 version 18.2R1 and later versions;\n18.3 versions prior to 18.3R3-S5;\n18.4 versions prior to 18.4R2-S9, 18.4R3-S8;\n19.1 versions prior to 19.1R3-S5;\n19.2 versions prior to 19.2R1-S7, 19.2R3-S2;\n19.3 versions prior to 19.3R3-S2;\n19.4 versions prior to 19.4R3-S3;\n20.1 versions prior to 20.1R2-S2, 20.1R3;\n20.2 versions prior to 20.2R3;\n20.3 versions prior to 20.3R3;\n20.4 versions prior to 20.4R2." + "value": "A vulnerability in the Distance Vector Multicast Routing Protocol (DVMRP) of Juniper Networks Junos OS on the QFX10K Series switches allows an attacker to trigger a packet forwarding loop, leading to a partial Denial of Service (DoS). The issue is caused by DVMRP packets looping on a multi-homed Ethernet Segment Identifier (ESI) when VXLAN is configured. DVMRP packets received on a multi-homed ESI are sent to the peer, and then incorrectly forwarded out the same ESI, violating the split horizon rule. This issue only affects QFX10K Series switches, including the QFX10002, QFX10008, and QFX10016. Other products and platforms are unaffected by this vulnerability. This issue affects Juniper Networks Junos OS on QFX10K Series: 17.3 versions prior to 17.3R3-S12; 17.4 versions prior to 17.4R3-S5; 18.1 versions prior to 18.1R3-S13; 18.2 version 18.2R1 and later versions; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R2-S9, 18.4R3-S8; 19.1 versions prior to 19.1R3-S5; 19.2 versions prior to 19.2R1-S7, 19.2R3-S2; 19.3 versions prior to 19.3R3-S2; 19.4 versions prior to 19.4R3-S3; 20.1 versions prior to 20.1R2-S2, 20.1R3; 20.2 versions prior to 20.2R3; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2." } ] }, diff --git a/2021/32xxx/CVE-2021-32764.json b/2021/32xxx/CVE-2021-32764.json index 04ba6028ecd..84332df228a 100644 --- a/2021/32xxx/CVE-2021-32764.json +++ b/2021/32xxx/CVE-2021-32764.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. The issue is patched in `stable` version 2.7.6, `beta` version 2.8.0.beta3, and `tests-passed` version 2.8.0.beta3. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks." + "value": "Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. The issue is patched in `stable` version 2.7.6, `beta` version 2.8.0.beta3, and `tests-passed` version 2.8.0.beta3. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks." } ] }, From 86f6cba21e912358e3970d643a1b83dbee38d59c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 15 Jul 2021 22:00:52 +0000 Subject: [PATCH 11/26] "-Synchronized-Data." --- 2020/23xxx/CVE-2020-23705.json | 56 ++++++++++++++++++++++++++++++---- 2020/23xxx/CVE-2020-23706.json | 56 ++++++++++++++++++++++++++++++---- 2020/23xxx/CVE-2020-23707.json | 56 ++++++++++++++++++++++++++++++---- 3 files changed, 150 insertions(+), 18 deletions(-) diff --git a/2020/23xxx/CVE-2020-23705.json b/2020/23xxx/CVE-2020-23705.json index e1f9efbdf0a..8a887df4912 100644 --- a/2020/23xxx/CVE-2020-23705.json +++ b/2020/23xxx/CVE-2020-23705.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23705", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23705", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/rockcarry/ffjpeg/issues/25", + "refsource": "MISC", + "name": "https://github.com/rockcarry/ffjpeg/issues/25" } ] } diff --git a/2020/23xxx/CVE-2020-23706.json b/2020/23xxx/CVE-2020-23706.json index 3f629cb7394..cb47c8df531 100644 --- a/2020/23xxx/CVE-2020-23706.json +++ b/2020/23xxx/CVE-2020-23706.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23706", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23706", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_subsequent_scan() ok_jpg.c:1102 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/brackeen/ok-file-formats/issues/7", + "refsource": "MISC", + "name": "https://github.com/brackeen/ok-file-formats/issues/7" } ] } diff --git a/2020/23xxx/CVE-2020-23707.json b/2020/23xxx/CVE-2020-23707.json index fc7026877dc..b3f85874e52 100644 --- a/2020/23xxx/CVE-2020-23707.json +++ b/2020/23xxx/CVE-2020-23707.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23707", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23707", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/brackeen/ok-file-formats/issues/8", + "refsource": "MISC", + "name": "https://github.com/brackeen/ok-file-formats/issues/8" } ] } From 02933ff0e5a854196cde61586994937808a37133 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 15 Jul 2021 23:00:56 +0000 Subject: [PATCH 12/26] "-Synchronized-Data." --- 2021/36xxx/CVE-2021-36754.json | 18 ++++++++++++++++++ 2021/36xxx/CVE-2021-36755.json | 18 ++++++++++++++++++ 2021/3xxx/CVE-2021-3449.json | 5 +++++ 2021/3xxx/CVE-2021-3450.json | 5 +++++ 4 files changed, 46 insertions(+) create mode 100644 2021/36xxx/CVE-2021-36754.json create mode 100644 2021/36xxx/CVE-2021-36755.json diff --git a/2021/36xxx/CVE-2021-36754.json b/2021/36xxx/CVE-2021-36754.json new file mode 100644 index 00000000000..b0a10fe3ebf --- /dev/null +++ b/2021/36xxx/CVE-2021-36754.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36754", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36755.json b/2021/36xxx/CVE-2021-36755.json new file mode 100644 index 00000000000..1e6d80c4b57 --- /dev/null +++ b/2021/36xxx/CVE-2021-36755.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36755", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/3xxx/CVE-2021-3449.json b/2021/3xxx/CVE-2021-3449.json index a8de88640d1..1d9970242e4 100644 --- a/2021/3xxx/CVE-2021-3449.json +++ b/2021/3xxx/CVE-2021-3449.json @@ -171,6 +171,11 @@ "refsource": "CONFIRM", "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845" + }, + { + "refsource": "CONFIRM", + "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013" } ] } diff --git a/2021/3xxx/CVE-2021-3450.json b/2021/3xxx/CVE-2021-3450.json index c7c74e9b0c7..a9bd7335117 100644 --- a/2021/3xxx/CVE-2021-3450.json +++ b/2021/3xxx/CVE-2021-3450.json @@ -161,6 +161,11 @@ "refsource": "CONFIRM", "name": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845", "url": "https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44845" + }, + { + "refsource": "CONFIRM", + "name": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013", + "url": "https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2021-0013" } ] } From ddbe52407aed8bd2effdc190611467343f0e3f99 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 00:00:54 +0000 Subject: [PATCH 13/26] "-Synchronized-Data." --- 2021/36xxx/CVE-2021-36755.json | 56 +++++++++++++++++++++++++---- 2021/36xxx/CVE-2021-36756.json | 18 ++++++++++ 2021/36xxx/CVE-2021-36757.json | 18 ++++++++++ 2021/36xxx/CVE-2021-36758.json | 65 ++++++++++++++++++++++++++++++++++ 4 files changed, 151 insertions(+), 6 deletions(-) create mode 100644 2021/36xxx/CVE-2021-36756.json create mode 100644 2021/36xxx/CVE-2021-36757.json create mode 100644 2021/36xxx/CVE-2021-36758.json diff --git a/2021/36xxx/CVE-2021-36755.json b/2021/36xxx/CVE-2021-36755.json index 1e6d80c4b57..1d94b14cffb 100644 --- a/2021/36xxx/CVE-2021-36755.json +++ b/2021/36xxx/CVE-2021-36755.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-36755", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-36755", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Nightscout Web Monitor (aka cgm-remote-monitor) 14.2.2 allows XSS via a crafted X-Forwarded-For header." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nightscout/cgm-remote-monitor/commit/68f3f90e30cc1da57f7e5069f9c4e1467973521f", + "refsource": "MISC", + "name": "https://github.com/nightscout/cgm-remote-monitor/commit/68f3f90e30cc1da57f7e5069f9c4e1467973521f" } ] } diff --git a/2021/36xxx/CVE-2021-36756.json b/2021/36xxx/CVE-2021-36756.json new file mode 100644 index 00000000000..7bfc0f04d57 --- /dev/null +++ b/2021/36xxx/CVE-2021-36756.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36756", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36757.json b/2021/36xxx/CVE-2021-36757.json new file mode 100644 index 00000000000..fcbdb3a1744 --- /dev/null +++ b/2021/36xxx/CVE-2021-36757.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36757", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2021/36xxx/CVE-2021-36758.json b/2021/36xxx/CVE-2021-36758.json new file mode 100644 index 00000000000..c72eff94a34 --- /dev/null +++ b/2021/36xxx/CVE-2021-36758.json @@ -0,0 +1,65 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2021-36758", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation. Malicious users authorized to create Secrets Automation access tokens can create tokens that have access beyond what the user is authorized to access, but limited to the existing authorizations of the Secret Automation the token is created in." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://support.1password.com/kb/202106/", + "refsource": "MISC", + "name": "https://support.1password.com/kb/202106/" + } + ] + }, + "source": { + "discovery": "INTERNAL" + } +} \ No newline at end of file From c19a1bc462ebf1c990625de5df57055949e82924 Mon Sep 17 00:00:00 2001 From: unknown Date: Fri, 16 Jul 2021 10:42:19 +0800 Subject: [PATCH 14/26] Add TWCERT/CC CVE-2021-35961 CVE-2021-35962 --- 2021/35xxx/CVE-2021-35961.json | 93 +++++++++++++++++++++++++++++--- 2021/35xxx/CVE-2021-35962.json | 98 +++++++++++++++++++++++++++++++--- 2 files changed, 179 insertions(+), 12 deletions(-) diff --git a/2021/35xxx/CVE-2021-35961.json b/2021/35xxx/CVE-2021-35961.json index bb367ab9175..f273eb78a4c 100644 --- a/2021/35xxx/CVE-2021-35961.json +++ b/2021/35xxx/CVE-2021-35961.json @@ -1,18 +1,99 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "AKA": "TWCERT/CC", + "ASSIGNER": "cve@cert.org.tw", + "DATE_PUBLIC": "2021-07-15T11:19:00.000Z", "ID": "CVE-2021-35961", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "TAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system - Use of Hard-coded Credentials" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Door Access Control and Personnel Attendance Management system", + "version": { + "version_data": [ + { + "platform": "Personnel Attendance system", + "version_affected": "<=", + "version_value": "3.4.0.0.3.12_20210525" + } + ] + } + } + ] + }, + "vendor_name": "TAIWAN SECOM CO., LTD.," + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-798 Use of Hard-coded Credentials" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.twcert.org.tw/tw/cp-132-4905-c99ac-1.html" + }, + { + "refsource": "CONFIRM", + "url": "https://www.chtsecurity.com/news/2e4e69d5-2e32-4f73-ac7e-a66432e020e4" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Update to:\nPersonnel Attendance system ver. 3.4.0.0.3.12_20210525" + } + ], + "source": { + "advisory": "TVN-202107002", + "discovery": "EXTERNAL" } } \ No newline at end of file diff --git a/2021/35xxx/CVE-2021-35962.json b/2021/35xxx/CVE-2021-35962.json index 75a7d39b199..a093d58a7a1 100644 --- a/2021/35xxx/CVE-2021-35962.json +++ b/2021/35xxx/CVE-2021-35962.json @@ -1,18 +1,104 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "AKA": "TWCERT/CC", + "ASSIGNER": "cve@cert.org.tw", + "DATE_PUBLIC": "2021-07-15T11:19:00.000Z", "ID": "CVE-2021-35962", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "TAIWAN SECOM CO., LTD., Door Access Control and Personnel Attendance Management system - Path Traversal" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Door Access Control and Personnel Attendance Management system", + "version": { + "version_data": [ + { + "platform": "Door Access Control", + "version_affected": "<=", + "version_value": "3.3.2" + }, + { + "platform": "Personnel Attendance system", + "version_affected": "<=", + "version_value": "3.4.0.0.3.12_20210525" + } + ] + } + } + ] + }, + "vendor_name": "TAIWAN SECOM CO., LTD.," + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Specific page parameters in Dr. ID Door Access Control and Personnel Attendance Management system does not filter special characters. Remote attackers can apply Path Traversal means to download credential files from the system without permission." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://www.twcert.org.tw/tw/cp-132-4906-89381-1.html" + }, + { + "refsource": "CONFIRM", + "url": "https://www.chtsecurity.com/news/d7ec2db9-12dd-439f-b014-b956ce231054" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Update to:\nPersonnel Attendance system ver. 3.4.0.0.3.12_20210525" + } + ], + "source": { + "advisory": "TVN-202107003", + "discovery": "EXTERNAL" } } \ No newline at end of file From 7d8dd45fd02a2d71b1eff368a4eb10aa3304a07f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 08:00:54 +0000 Subject: [PATCH 15/26] "-Synchronized-Data." --- 2017/15xxx/CVE-2017-15708.json | 5 +++++ 2021/3xxx/CVE-2021-3570.json | 10 ++++++++++ 2021/3xxx/CVE-2021-3571.json | 10 ++++++++++ 3 files changed, 25 insertions(+) diff --git a/2017/15xxx/CVE-2017-15708.json b/2017/15xxx/CVE-2017-15708.json index 96968d88b1b..786a9ff3616 100644 --- a/2017/15xxx/CVE-2017-15708.json +++ b/2017/15xxx/CVE-2017-15708.json @@ -92,6 +92,11 @@ "refsource": "MLIST", "name": "[doris-commits] 20210402 [GitHub] [incubator-doris] zh0122 opened a new pull request #5595: [FE][Fix]Update commons-collections to fix a security issue", "url": "https://lists.apache.org/thread.html/r0fb289cd38c915b9a13a3376134f96222dd9100f1ef66b41631865c6@%3Ccommits.doris.apache.org%3E" + }, + { + "refsource": "GENTOO", + "name": "GLSA-202107-37", + "url": "https://security.gentoo.org/glsa/202107-37" } ] } diff --git a/2021/3xxx/CVE-2021-3570.json b/2021/3xxx/CVE-2021-3570.json index d38a33050f4..abd066b522f 100644 --- a/2021/3xxx/CVE-2021-3570.json +++ b/2021/3xxx/CVE-2021-3570.json @@ -53,6 +53,16 @@ "refsource": "DEBIAN", "name": "DSA-4938", "url": "https://www.debian.org/security/2021/dsa-4938" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-1b42c2f458", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUBKTRCMJ6VKS7DIBSZQB4ATSKVCJYXJ/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-a5b584004c", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RHRUVSDP673LXJ5HGIPQPWPIYUPWYQA7/" } ] }, diff --git a/2021/3xxx/CVE-2021-3571.json b/2021/3xxx/CVE-2021-3571.json index 5c6a545630d..e3e446967b4 100644 --- a/2021/3xxx/CVE-2021-3571.json +++ b/2021/3xxx/CVE-2021-3571.json @@ -48,6 +48,16 @@ "refsource": "MISC", "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1966241", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1966241" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-1b42c2f458", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VUBKTRCMJ6VKS7DIBSZQB4ATSKVCJYXJ/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2021-a5b584004c", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RHRUVSDP673LXJ5HGIPQPWPIYUPWYQA7/" } ] }, From a644485910990b33b63861c07ea2346c76d96046 Mon Sep 17 00:00:00 2001 From: Jamie Slome Date: Fri, 16 Jul 2021 09:28:54 +0100 Subject: [PATCH 16/26] Update CVE-2021-3647.json --- 2021/3xxx/CVE-2021-3647.json | 104 +++++++++++++++++++++++++++++------ 1 file changed, 88 insertions(+), 16 deletions(-) diff --git a/2021/3xxx/CVE-2021-3647.json b/2021/3xxx/CVE-2021-3647.json index cb8042bd84d..0ceb04b7918 100644 --- a/2021/3xxx/CVE-2021-3647.json +++ b/2021/3xxx/CVE-2021-3647.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3647", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2021-3647", + "STATE": "PUBLIC", + "TITLE": "Open Redirect in medialize/URI.js" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "medialize/URI.js", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "1.19.6" + } + ] + } + } + ] + }, + "vendor_name": "medialize" + } + ] } -} \ No newline at end of file + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "URI.js is vulnerable to URL Redirection to Untrusted Site" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-601 URL Redirection to Untrusted Site" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/1625558772840-medialize/URI.js", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/1625558772840-medialize/URI.js" + }, + { + "name": "https://github.com/medialize/URI.js/commit/ac43ca8f80c042f0256fb551ea5203863dec4481", + "refsource": "MISC", + "url": "https://github.com/medialize/URI.js/commit/ac43ca8f80c042f0256fb551ea5203863dec4481" + } + ] + }, + "source": { + "advisory": "1625558772840-medialize/URI.js", + "discovery": "EXTERNAL" + } +} +{"mode":"full","isActive":false} From e274cc96239fa78e57fc300a2ee70639992915bf Mon Sep 17 00:00:00 2001 From: Jamie Slome Date: Fri, 16 Jul 2021 09:30:12 +0100 Subject: [PATCH 17/26] Update CVE-2021-3647.json --- 2021/3xxx/CVE-2021-3647.json | 1 - 1 file changed, 1 deletion(-) diff --git a/2021/3xxx/CVE-2021-3647.json b/2021/3xxx/CVE-2021-3647.json index 0ceb04b7918..c2cbce96262 100644 --- a/2021/3xxx/CVE-2021-3647.json +++ b/2021/3xxx/CVE-2021-3647.json @@ -87,4 +87,3 @@ "discovery": "EXTERNAL" } } -{"mode":"full","isActive":false} From bd75bf652e31f4214dec78ebba5d34ea93bc5c25 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 09:00:48 +0000 Subject: [PATCH 18/26] "-Synchronized-Data." --- 2020/24xxx/CVE-2020-24700.json | 5 +++++ 2020/24xxx/CVE-2020-24701.json | 5 +++++ 2021/22xxx/CVE-2021-22000.json | 5 +++++ 3 files changed, 15 insertions(+) diff --git a/2020/24xxx/CVE-2020-24700.json b/2020/24xxx/CVE-2020-24700.json index 3bc8ab9c1ac..a0d4ef9e3ba 100644 --- a/2020/24xxx/CVE-2020-24700.json +++ b/2020/24xxx/CVE-2020-24700.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html", "url": "http://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html" + }, + { + "refsource": "FULLDISC", + "name": "20210716 Open-Xchange Security Advisory 2021-07-15", + "url": "http://seclists.org/fulldisclosure/2021/Jul/33" } ] } diff --git a/2020/24xxx/CVE-2020-24701.json b/2020/24xxx/CVE-2020-24701.json index 9b0a5db6895..66000294dab 100644 --- a/2020/24xxx/CVE-2020-24701.json +++ b/2020/24xxx/CVE-2020-24701.json @@ -61,6 +61,11 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html", "url": "http://packetstormsecurity.com/files/160853/OX-App-Suite-OX-Documents-7.10.x-XSS-SSRF.html" + }, + { + "refsource": "FULLDISC", + "name": "20210716 Open-Xchange Security Advisory 2021-07-15", + "url": "http://seclists.org/fulldisclosure/2021/Jul/33" } ] } diff --git a/2021/22xxx/CVE-2021-22000.json b/2021/22xxx/CVE-2021-22000.json index f1ef70876a4..162404ac2db 100644 --- a/2021/22xxx/CVE-2021-22000.json +++ b/2021/22xxx/CVE-2021-22000.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.vmware.com/security/advisories/VMSA-2021-0015.html", "url": "https://www.vmware.com/security/advisories/VMSA-2021-0015.html" + }, + { + "refsource": "FULLDISC", + "name": "20210716 VMware ThinApp DLL hijacking vulnerability", + "url": "http://seclists.org/fulldisclosure/2021/Jul/35" } ] }, From 694327c839c4f005f918d7e76007313524ab236b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 10:00:47 +0000 Subject: [PATCH 19/26] "-Synchronized-Data." --- 2018/8xxx/CVE-2018-8012.json | 5 +++++ 2021/3xxx/CVE-2021-3651.json | 18 ++++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 2021/3xxx/CVE-2021-3651.json diff --git a/2018/8xxx/CVE-2018-8012.json b/2018/8xxx/CVE-2018-8012.json index 3cb4c0bc4b4..29550964b9b 100644 --- a/2018/8xxx/CVE-2018-8012.json +++ b/2018/8xxx/CVE-2018-8012.json @@ -92,6 +92,11 @@ "name": "https://lists.apache.org/thread.html/c75147028c1c79bdebd4f8fa5db2b77da85de2b05ecc0d54d708b393@%3Cdev.zookeeper.apache.org%3E", "refsource": "MISC", "url": "https://lists.apache.org/thread.html/c75147028c1c79bdebd4f8fa5db2b77da85de2b05ecc0d54d708b393@%3Cdev.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[jackrabbit-dev] 20210716 [GitHub] [jackrabbit-oak] nit0906 opened a new pull request #326: OAK-9496 | Update zookeeper version to handle CVE-2018-8012", + "url": "https://lists.apache.org/thread.html/r8f0d920805af93033c488af89104e2d682662bacfb8406db865d5e14@%3Cdev.jackrabbit.apache.org%3E" } ] } diff --git a/2021/3xxx/CVE-2021-3651.json b/2021/3xxx/CVE-2021-3651.json new file mode 100644 index 00000000000..098d46846df --- /dev/null +++ b/2021/3xxx/CVE-2021-3651.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3651", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file From e851281df4876b11cbf6d3b872011c420bcbaa73 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 11:00:54 +0000 Subject: [PATCH 20/26] "-Synchronized-Data." --- 2020/25xxx/CVE-2020-25709.json | 5 ++++ 2020/25xxx/CVE-2020-25710.json | 5 ++++ 2021/0xxx/CVE-2021-0051.json | 5 ++++ 2021/0xxx/CVE-2021-0129.json | 5 ++++ 2021/21xxx/CVE-2021-21799.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21800.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21801.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21802.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21803.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21804.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21816.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21817.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21818.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21819.json | 50 ++++++++++++++++++++++++++++++++-- 2021/21xxx/CVE-2021-21820.json | 50 ++++++++++++++++++++++++++++++++-- 2021/26xxx/CVE-2021-26707.json | 5 ++++ 2021/28xxx/CVE-2021-28651.json | 5 ++++ 2021/28xxx/CVE-2021-28807.json | 10 +++++++ 2021/31xxx/CVE-2021-31806.json | 5 ++++ 2021/31xxx/CVE-2021-31807.json | 5 ++++ 2021/31xxx/CVE-2021-31808.json | 5 ++++ 2021/3xxx/CVE-2021-3489.json | 5 ++++ 2021/3xxx/CVE-2021-3490.json | 5 ++++ 2021/3xxx/CVE-2021-3491.json | 5 ++++ 2021/3xxx/CVE-2021-3516.json | 5 ++++ 2021/3xxx/CVE-2021-3530.json | 5 ++++ 26 files changed, 597 insertions(+), 33 deletions(-) diff --git a/2020/25xxx/CVE-2020-25709.json b/2020/25xxx/CVE-2020-25709.json index 32ca08e2109..3c1eb02fb69 100644 --- a/2020/25xxx/CVE-2020-25709.json +++ b/2020/25xxx/CVE-2020-25709.json @@ -78,6 +78,11 @@ "refsource": "MLIST", "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0003/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0003/" } ] }, diff --git a/2020/25xxx/CVE-2020-25710.json b/2020/25xxx/CVE-2020-25710.json index 8b303825249..b628736190d 100644 --- a/2020/25xxx/CVE-2020-25710.json +++ b/2020/25xxx/CVE-2020-25710.json @@ -73,6 +73,11 @@ "refsource": "MLIST", "name": "[bookkeeper-issues] 20210629 [GitHub] [bookkeeper] padma81 opened a new issue #2746: Security Vulnerabilities in CentOS 7 image, Upgrade image to CentOS 8", "url": "https://lists.apache.org/thread.html/r58af02e294bd07f487e2c64ffc0a29b837db5600e33b6e698b9d696b@%3Cissues.bookkeeper.apache.org%3E" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0003/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0003/" } ] }, diff --git a/2021/0xxx/CVE-2021-0051.json b/2021/0xxx/CVE-2021-0051.json index 1101d1b17c1..6d5083bd760 100644 --- a/2021/0xxx/CVE-2021-0051.json +++ b/2021/0xxx/CVE-2021-0051.json @@ -48,6 +48,11 @@ "refsource": "MISC", "name": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00500.html", "url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00500.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0001/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0001/" } ] }, diff --git a/2021/0xxx/CVE-2021-0129.json b/2021/0xxx/CVE-2021-0129.json index eabdeaa2ccf..ecd3c2184f5 100644 --- a/2021/0xxx/CVE-2021-0129.json +++ b/2021/0xxx/CVE-2021-0129.json @@ -63,6 +63,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210626 [SECURITY] [DLA 2692-1] bluez security update", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00022.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0002/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0002/" } ] }, diff --git a/2021/21xxx/CVE-2021-21799.json b/2021/21xxx/CVE-2021-21799.json index f6fe6fd1c49..4ccd94d7352 100644 --- a/2021/21xxx/CVE-2021-21799.json +++ b/2021/21xxx/CVE-2021-21799.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21799", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Advantech", + "version": { + "version_data": [ + { + "version_value": "Advantech R-SeeNet 2.4.12 (20.10.2020)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": " cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1270", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1270" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting vulnerabilities exist in the telnet_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user\u2019s browser. An attacker can provide a crafted URL to trigger this vulnerability." } ] } diff --git a/2021/21xxx/CVE-2021-21800.json b/2021/21xxx/CVE-2021-21800.json index f529f4a2e10..2109b3bdb3f 100644 --- a/2021/21xxx/CVE-2021-21800.json +++ b/2021/21xxx/CVE-2021-21800.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21800", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Advantech", + "version": { + "version_data": [ + { + "version_value": "Advantech R-SeeNet 2.4.12 (20.10.2020)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1271", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1271" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross-site scripting vulnerabilities exist in the ssh_form.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). If a user visits a specially crafted URL, it can lead to arbitrary JavaScript code execution in the context of the targeted user\u2019s browser. An attacker can provide a crafted URL to trigger this vulnerability." } ] } diff --git a/2021/21xxx/CVE-2021-21801.json b/2021/21xxx/CVE-2021-21801.json index fb0c51418fe..2ce09729b76 100644 --- a/2021/21xxx/CVE-2021-21801.json +++ b/2021/21xxx/CVE-2021-21801.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21801", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Advantech", + "version": { + "version_data": [ + { + "version_value": "Advantech R-SeeNet 2.4.12 (20.10.2020)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution." } ] } diff --git a/2021/21xxx/CVE-2021-21802.json b/2021/21xxx/CVE-2021-21802.json index 5f81b122522..8f64ec094bd 100644 --- a/2021/21xxx/CVE-2021-21802.json +++ b/2021/21xxx/CVE-2021-21802.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21802", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Advantech", + "version": { + "version_data": [ + { + "version_value": "Advantech R-SeeNet 2.4.12 (20.10.2020)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": " cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution." } ] } diff --git a/2021/21xxx/CVE-2021-21803.json b/2021/21xxx/CVE-2021-21803.json index 35f1a7a5ae4..a139b120039 100644 --- a/2021/21xxx/CVE-2021-21803.json +++ b/2021/21xxx/CVE-2021-21803.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21803", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Advantech", + "version": { + "version_data": [ + { + "version_value": "Advantech R-SeeNet 2.4.12 (20.10.2020)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "cross-site scripting" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1272" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution." } ] } diff --git a/2021/21xxx/CVE-2021-21804.json b/2021/21xxx/CVE-2021-21804.json index 9577f18ab7f..daaa4211130 100644 --- a/2021/21xxx/CVE-2021-21804.json +++ b/2021/21xxx/CVE-2021-21804.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21804", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Advantech", + "version": { + "version_data": [ + { + "version_value": "Advantech R-SeeNet 2.4.12 (20.10.2020)" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "PHP Remote File Inclusion" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1273", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1273" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A local file inclusion (LFI) vulnerability exists in the options.php script functionality of Advantech R-SeeNet v 2.4.12 (20.10.2020). A specially crafted HTTP request can lead to arbitrary PHP code execution. An attacker can send a crafted HTTP request to trigger this vulnerability." } ] } diff --git a/2021/21xxx/CVE-2021-21816.json b/2021/21xxx/CVE-2021-21816.json index 19629af9736..ce8dab2ae34 100644 --- a/2021/21xxx/CVE-2021-21816.json +++ b/2021/21xxx/CVE-2021-21816.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21816", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "D-LINK", + "version": { + "version_data": [ + { + "version_value": "D-LINK DIR-3040 1.13B03" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information exposure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1281", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1281" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send an HTTP request to trigger this vulnerability." } ] } diff --git a/2021/21xxx/CVE-2021-21817.json b/2021/21xxx/CVE-2021-21817.json index 1a10769ba5e..b8067dcf88c 100644 --- a/2021/21xxx/CVE-2021-21817.json +++ b/2021/21xxx/CVE-2021-21817.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21817", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "D-Link", + "version": { + "version_data": [ + { + "version_value": "D-LINK DIR-3040 1.13B03" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "information exposure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1282", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1282" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability." } ] } diff --git a/2021/21xxx/CVE-2021-21818.json b/2021/21xxx/CVE-2021-21818.json index 6969d026c34..ca9de0e14a3 100644 --- a/2021/21xxx/CVE-2021-21818.json +++ b/2021/21xxx/CVE-2021-21818.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21818", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "D-Link", + "version": { + "version_data": [ + { + "version_value": "D-LINK DIR-3040 1.13B03" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Use of hard-coded password" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1283", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1283" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of requests to trigger this vulnerability." } ] } diff --git a/2021/21xxx/CVE-2021-21819.json b/2021/21xxx/CVE-2021-21819.json index 5460bfe4131..7bfb9882e56 100644 --- a/2021/21xxx/CVE-2021-21819.json +++ b/2021/21xxx/CVE-2021-21819.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21819", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "D-Link", + "version": { + "version_data": [ + { + "version_value": "D-LINK DIR-3040 1.13B03" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "OS command injection" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1284", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1284" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A code execution vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger this vulnerability." } ] } diff --git a/2021/21xxx/CVE-2021-21820.json b/2021/21xxx/CVE-2021-21820.json index 108a8e216b7..da8b73a44b3 100644 --- a/2021/21xxx/CVE-2021-21820.json +++ b/2021/21xxx/CVE-2021-21820.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2021-21820", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "talos-cna@cisco.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "D-Link", + "version": { + "version_data": [ + { + "version_value": "D-LINK DIR-3040 1.13B03" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "use of hard coded credentials\"" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1285", + "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2021-1285" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability." } ] } diff --git a/2021/26xxx/CVE-2021-26707.json b/2021/26xxx/CVE-2021-26707.json index 3e37a6b9f4f..62a8727160f 100644 --- a/2021/26xxx/CVE-2021-26707.json +++ b/2021/26xxx/CVE-2021-26707.json @@ -66,6 +66,11 @@ "refsource": "MISC", "name": "https://securitylab.github.com/advisories/GHSL-2020-160-merge-deep/", "url": "https://securitylab.github.com/advisories/GHSL-2020-160-merge-deep/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0008/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0008/" } ] } diff --git a/2021/28xxx/CVE-2021-28651.json b/2021/28xxx/CVE-2021-28651.json index fc5b1c77709..92584bdf7c2 100644 --- a/2021/28xxx/CVE-2021-28651.json +++ b/2021/28xxx/CVE-2021-28651.json @@ -81,6 +81,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210614 [SECURITY] [DLA 2685-1] squid3 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0007/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0007/" } ] } diff --git a/2021/28xxx/CVE-2021-28807.json b/2021/28xxx/CVE-2021-28807.json index e84667dc0ff..190814543ce 100644 --- a/2021/28xxx/CVE-2021-28807.json +++ b/2021/28xxx/CVE-2021-28807.json @@ -105,6 +105,16 @@ "refsource": "MISC", "url": "https://www.qnap.com/zh-tw/security-advisory/qsa-21-20", "name": "https://www.qnap.com/zh-tw/security-advisory/qsa-21-20" + }, + { + "refsource": "MISC", + "name": "https://www.shielder.it/advisories/qnap-qcenter-virtual-stored-xss/", + "url": "https://www.shielder.it/advisories/qnap-qcenter-virtual-stored-xss/" + }, + { + "refsource": "MISC", + "name": "https://www.shielder.it/advisories/qnap-qcenter-post-auth-remote-code-execution-via-qpkg/", + "url": "https://www.shielder.it/advisories/qnap-qcenter-post-auth-remote-code-execution-via-qpkg/" } ] }, diff --git a/2021/31xxx/CVE-2021-31806.json b/2021/31xxx/CVE-2021-31806.json index 86749e45a16..01d80371b4c 100644 --- a/2021/31xxx/CVE-2021-31806.json +++ b/2021/31xxx/CVE-2021-31806.json @@ -81,6 +81,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210614 [SECURITY] [DLA 2685-1] squid3 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0007/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0007/" } ] } diff --git a/2021/31xxx/CVE-2021-31807.json b/2021/31xxx/CVE-2021-31807.json index ec6864b54f8..bcae8962490 100644 --- a/2021/31xxx/CVE-2021-31807.json +++ b/2021/31xxx/CVE-2021-31807.json @@ -76,6 +76,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210614 [SECURITY] [DLA 2685-1] squid3 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0007/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0007/" } ] } diff --git a/2021/31xxx/CVE-2021-31808.json b/2021/31xxx/CVE-2021-31808.json index b9b3d0fdb55..ce9ed20849d 100644 --- a/2021/31xxx/CVE-2021-31808.json +++ b/2021/31xxx/CVE-2021-31808.json @@ -81,6 +81,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20210614 [SECURITY] [DLA 2685-1] squid3 security update", "url": "https://lists.debian.org/debian-lts-announce/2021/06/msg00014.html" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0007/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0007/" } ] } diff --git a/2021/3xxx/CVE-2021-3489.json b/2021/3xxx/CVE-2021-3489.json index 42921b43aa9..4d6028208d7 100644 --- a/2021/3xxx/CVE-2021-3489.json +++ b/2021/3xxx/CVE-2021-3489.json @@ -133,6 +133,11 @@ "name": "https://ubuntu.com/security/notices/USN-4949-1", "refsource": "UBUNTU", "url": "https://ubuntu.com/security/notices/USN-4949-1" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0004/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0004/" } ] }, diff --git a/2021/3xxx/CVE-2021-3490.json b/2021/3xxx/CVE-2021-3490.json index 0ad47267eec..956855f77db 100644 --- a/2021/3xxx/CVE-2021-3490.json +++ b/2021/3xxx/CVE-2021-3490.json @@ -133,6 +133,11 @@ "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-606/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-606/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0004/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0004/" } ] }, diff --git a/2021/3xxx/CVE-2021-3491.json b/2021/3xxx/CVE-2021-3491.json index b84877ce90f..20f58aa2138 100644 --- a/2021/3xxx/CVE-2021-3491.json +++ b/2021/3xxx/CVE-2021-3491.json @@ -125,6 +125,11 @@ "name": "https://www.zerodayinitiative.com/advisories/ZDI-21-589/", "refsource": "MISC", "url": "https://www.zerodayinitiative.com/advisories/ZDI-21-589/" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0004/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0004/" } ] }, diff --git a/2021/3xxx/CVE-2021-3516.json b/2021/3xxx/CVE-2021-3516.json index b485d819beb..c0ee3963983 100644 --- a/2021/3xxx/CVE-2021-3516.json +++ b/2021/3xxx/CVE-2021-3516.json @@ -78,6 +78,11 @@ "refsource": "GENTOO", "name": "GLSA-202107-05", "url": "https://security.gentoo.org/glsa/202107-05" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0005/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0005/" } ] }, diff --git a/2021/3xxx/CVE-2021-3530.json b/2021/3xxx/CVE-2021-3530.json index 8dc309fc9ee..90b3dec90f0 100644 --- a/2021/3xxx/CVE-2021-3530.json +++ b/2021/3xxx/CVE-2021-3530.json @@ -53,6 +53,11 @@ "refsource": "MISC", "name": "https://src.fedoraproject.org/rpms/binutils/blob/rawhide/f/binutils-CVE-2021-3530.patch", "url": "https://src.fedoraproject.org/rpms/binutils/blob/rawhide/f/binutils-CVE-2021-3530.patch" + }, + { + "refsource": "CONFIRM", + "name": "https://security.netapp.com/advisory/ntap-20210716-0006/", + "url": "https://security.netapp.com/advisory/ntap-20210716-0006/" } ] }, From d879eabb7525e9defb4eab805a27c419dbc3c7a2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 12:00:58 +0000 Subject: [PATCH 21/26] "-Synchronized-Data." --- 2016/4xxx/CVE-2016-4954.json | 90 ++++++++++++++++++++++++++++++++++++ 2016/4xxx/CVE-2016-4955.json | 80 ++++++++++++++++++++++++++++++++ 2016/4xxx/CVE-2016-4956.json | 85 ++++++++++++++++++++++++++++++++++ 3 files changed, 255 insertions(+) diff --git a/2016/4xxx/CVE-2016-4954.json b/2016/4xxx/CVE-2016-4954.json index a45f0c7f933..10cbccc2717 100644 --- a/2016/4xxx/CVE-2016-4954.json +++ b/2016/4xxx/CVE-2016-4954.json @@ -57,6 +57,16 @@ "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html" }, + { + "refsource": "UBUNTU", + "name": "USN-3096-1", + "url": "http://www.ubuntu.com/usn/USN-3096-1" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-c3bd6a3496", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/" + }, { "name": "openSUSE-SU-2016:1583", "refsource": "SUSE", @@ -67,6 +77,16 @@ "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1912", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-89e0874533", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/" + }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03757en_us", "refsource": "CONFIRM", @@ -92,6 +112,11 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug3044" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:2094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" + }, { "name": "VU#321640", "refsource": "CERT-VN", @@ -102,6 +127,11 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-50b0066b7f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/" + }, { "name": "openSUSE-SU-2016:1636", "refsource": "SUSE", @@ -122,6 +152,61 @@ "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html", + "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" + }, + { + "refsource": "CISCO", + "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" + }, + { + "refsource": "BUGTRAQ", + "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", + "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html", + "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1568", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", + "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" + }, + { + "refsource": "CERT-VN", + "name": "VU#321640", + "url": "https://www.kb.cert.org/vuls/id/321640" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", @@ -136,6 +221,11 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2016/4xxx/CVE-2016-4955.json b/2016/4xxx/CVE-2016-4955.json index 3b420b48b24..2e58a92af54 100644 --- a/2016/4xxx/CVE-2016-4955.json +++ b/2016/4xxx/CVE-2016-4955.json @@ -57,6 +57,16 @@ "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html" }, + { + "refsource": "UBUNTU", + "name": "USN-3096-1", + "url": "http://www.ubuntu.com/usn/USN-3096-1" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-c3bd6a3496", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/" + }, { "name": "openSUSE-SU-2016:1583", "refsource": "SUSE", @@ -67,6 +77,16 @@ "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1912", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-89e0874533", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/" + }, { "name": "91007", "refsource": "BID", @@ -92,6 +112,11 @@ "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:2094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" + }, { "name": "http://bugs.ntp.org/3043", "refsource": "CONFIRM", @@ -107,6 +132,11 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-50b0066b7f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/" + }, { "name": "openSUSE-SU-2016:1636", "refsource": "SUSE", @@ -122,10 +152,60 @@ "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html", + "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" + }, + { + "refsource": "CISCO", + "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html", + "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1568", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" + }, + { + "refsource": "CERT-VN", + "name": "VU#321640", + "url": "https://www.kb.cert.org/vuls/id/321640" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2016/4xxx/CVE-2016-4956.json b/2016/4xxx/CVE-2016-4956.json index 3c036189f31..b98c4fb0775 100644 --- a/2016/4xxx/CVE-2016-4956.json +++ b/2016/4xxx/CVE-2016-4956.json @@ -57,6 +57,16 @@ "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html" }, + { + "refsource": "UBUNTU", + "name": "USN-3096-1", + "url": "http://www.ubuntu.com/usn/USN-3096-1" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-c3bd6a3496", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/" + }, { "name": "91009", "refsource": "BID", @@ -72,6 +82,16 @@ "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1912", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-89e0874533", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/" + }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03757en_us", "refsource": "CONFIRM", @@ -97,6 +117,11 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug3042" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:2094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" + }, { "name": "http://bugs.ntp.org/3042", "refsource": "CONFIRM", @@ -112,6 +137,11 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-50b0066b7f", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/" + }, { "name": "openSUSE-SU-2016:1636", "refsource": "SUSE", @@ -127,10 +157,65 @@ "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html", + "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" + }, + { + "refsource": "CISCO", + "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" + }, + { + "refsource": "BUGTRAQ", + "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", + "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1568", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", + "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" + }, + { + "refsource": "CERT-VN", + "name": "VU#321640", + "url": "https://www.kb.cert.org/vuls/id/321640" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } From f55082fc1b025cb55ad38810c5bd31a79dff0fac Mon Sep 17 00:00:00 2001 From: santosomar Date: Fri, 16 Jul 2021 12:22:32 +0000 Subject: [PATCH 22/26] Adding Cisco CVE-2021-1422 --- 2021/1xxx/CVE-2021-1422.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2021/1xxx/CVE-2021-1422.json b/2021/1xxx/CVE-2021-1422.json index 654f40607be..dde9ec7fa6f 100644 --- a/2021/1xxx/CVE-2021-1422.json +++ b/2021/1xxx/CVE-2021-1422.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2021-07-15T23:00:00", "ID": "CVE-2021-1422", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Adaptive Security Appliance (ASA) Software ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\r A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition.\r The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data.\r Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "7.7", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-617" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20210715 Cisco Adaptive Security Appliance Software Release 9.16.1 and Cisco Firepower Threat Defense Software Release 7.0.0 IPsec Denial of Service Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC" + } + ] + }, + "source": { + "advisory": "cisco-sa-asa-ftd-ipsec-dos-TFKQbgWC", + "defect": [ + [ + "CSCvy66711" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 78d0d2242a20e75b653d331ad29472182088bf2a Mon Sep 17 00:00:00 2001 From: Jamie Slome Date: Fri, 16 Jul 2021 13:49:52 +0100 Subject: [PATCH 23/26] Update CVE-2021-3649.json --- 2021/3xxx/CVE-2021-3649.json | 103 +++++++++++++++++++++++++++++------ 1 file changed, 87 insertions(+), 16 deletions(-) diff --git a/2021/3xxx/CVE-2021-3649.json b/2021/3xxx/CVE-2021-3649.json index 179fdac7290..637c0605af5 100644 --- a/2021/3xxx/CVE-2021-3649.json +++ b/2021/3xxx/CVE-2021-3649.json @@ -1,18 +1,89 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2021-3649", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ - { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2021-3649", + "STATE": "PUBLIC", + "TITLE": "Inefficient Regular Expression Complexity in chatwoot/chatwoot" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "chatwoot/chatwoot", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "1.11.1" + } + ] + } + } + ] + }, + "vendor_name": "chatwoot" + } + ] } -} \ No newline at end of file + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "chatwoot is vulnerable to Inefficient Regular Expression Complexity" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-1333 Inefficient Regular Expression Complexity" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/1625088985607-chatwoot/chatwoot", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/1625088985607-chatwoot/chatwoot" + }, + { + "name": "https://github.com/chatwoot/chatwoot/commit/aa7db90cd2d23dbcf22a94f1e4c100dd909e2172", + "refsource": "MISC", + "url": "https://github.com/chatwoot/chatwoot/commit/aa7db90cd2d23dbcf22a94f1e4c100dd909e2172" + } + ] + }, + "source": { + "advisory": "1625088985607-chatwoot/chatwoot", + "discovery": "EXTERNAL" + } +} From c9ee1affdc80d82f8d64dfb7d7283b3468c53627 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 13:00:54 +0000 Subject: [PATCH 24/26] "-Synchronized-Data." --- 2015/7xxx/CVE-2015-7705.json | 100 +++++++++++++++++++++++++++++++ 2015/7xxx/CVE-2015-7853.json | 105 +++++++++++++++++++++++++++++++++ 2016/4xxx/CVE-2016-4953.json | 70 ++++++++++++++++++++++ 2016/7xxx/CVE-2016-7433.json | 65 ++++++++++++++++++++ 2018/8xxx/CVE-2018-8012.json | 5 ++ 2019/12xxx/CVE-2019-12900.json | 5 ++ 2021/1xxx/CVE-2021-1422.json | 4 +- 2021/28xxx/CVE-2021-28114.json | 66 +++++++++++++++++++-- 8 files changed, 412 insertions(+), 8 deletions(-) diff --git a/2015/7xxx/CVE-2015-7705.json b/2015/7xxx/CVE-2015-7705.json index 6ee2aea01d1..f9231ea4ea9 100644 --- a/2015/7xxx/CVE-2015-7705.json +++ b/2015/7xxx/CVE-2015-7705.json @@ -52,11 +52,26 @@ }, "references": { "reference_data": [ + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1912", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" + }, { "name": "VU#718152", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/718152" }, + { + "refsource": "UBUNTU", + "name": "USN-2783-1", + "url": "http://www.ubuntu.com/usn/USN-2783-1" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1247", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" + }, { "name": "77284", "refsource": "BID", @@ -77,11 +92,21 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1311", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" + }, { "name": "https://www.cs.bu.edu/~goldbe/NTPattack.html", "refsource": "MISC", "url": "https://www.cs.bu.edu/~goldbe/NTPattack.html" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:2094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" + }, { "name": "https://eprint.iacr.org/2015/1020.pdf", "refsource": "MISC", @@ -102,6 +127,11 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2901" }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2016:1423", + "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" + }, { "name": "GLSA-201607-15", "refsource": "GENTOO", @@ -112,6 +142,71 @@ "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html", + "url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2016:1329", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" + }, + { + "refsource": "CISCO", + "name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1471", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" + }, + { + "refsource": "CONFIRM", + "name": "https://bto.bluecoat.com/security-advisory/sa103", + "url": "https://bto.bluecoat.com/security-advisory/sa103" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1291", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1568", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2015:2016", + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1278", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", + "url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", + "url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", @@ -126,6 +221,11 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2015/7xxx/CVE-2015-7853.json b/2015/7xxx/CVE-2015-7853.json index 4cdb9495b32..7fe9293a7d4 100644 --- a/2015/7xxx/CVE-2015-7853.json +++ b/2015/7xxx/CVE-2015-7853.json @@ -57,21 +57,51 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2920" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1912", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-2783-1", + "url": "http://www.ubuntu.com/usn/USN-2783-1" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1247", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" + }, { "name": "1033951", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033951" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1311", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" + }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274262" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:2094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" + }, { "name": "77273", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77273" }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2016:1423", + "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" + }, { "name": "GLSA-201607-15", "refsource": "GENTOO", @@ -82,10 +112,85 @@ "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html", + "url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html", + "url": "http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html" + }, + { + "refsource": "CISCO", + "name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp" + }, + { + "refsource": "CONFIRM", + "name": "https://bto.bluecoat.com/security-advisory/sa103", + "url": "https://bto.bluecoat.com/security-advisory/sa103" + }, + { + "refsource": "BUGTRAQ", + "name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]", + "url": "http://www.securityfocus.com/archive/1/536833/100/0/threaded" + }, + { + "refsource": "MISC", + "name": "http://www.talosintel.com/vulnerability-reports/", + "url": "http://www.talosintel.com/vulnerability-reports/" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2015:2016", + "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED]", + "url": "http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp", + "url": "http://www.securityfocus.com/archive/1/536760/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp", + "url": "http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", + "url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", + "url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", + "url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2016/4xxx/CVE-2016-4953.json b/2016/4xxx/CVE-2016-4953.json index b7d2217d346..fd09b7a6b0e 100644 --- a/2016/4xxx/CVE-2016-4953.json +++ b/2016/4xxx/CVE-2016-4953.json @@ -72,6 +72,11 @@ "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1912", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" + }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03757en_us", "refsource": "CONFIRM", @@ -97,6 +102,11 @@ "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:2094", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" + }, { "name": "VU#321640", "refsource": "CERT-VN", @@ -127,6 +137,61 @@ "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html", + "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" + }, + { + "refsource": "CISCO", + "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", + "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" + }, + { + "refsource": "BUGTRAQ", + "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", + "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html", + "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" + }, + { + "refsource": "SUSE", + "name": "SUSE-SU-2016:1568", + "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", + "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" + }, + { + "refsource": "CERT-VN", + "name": "VU#321640", + "url": "https://www.kb.cert.org/vuls/id/321640" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", + "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", + "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", @@ -141,6 +206,11 @@ "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2016/7xxx/CVE-2016-7433.json b/2016/7xxx/CVE-2016-7433.json index e1e81200a25..435f6462454 100644 --- a/2016/7xxx/CVE-2016-7433.json +++ b/2016/7xxx/CVE-2016-7433.json @@ -107,10 +107,75 @@ "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug3067" }, + { + "refsource": "BUGTRAQ", + "name": "20170310 [security bulletin] HPESBUX03706 rev.1 - HP-UX NTP service running ntpd, Multiple Vulnerabilities", + "url": "http://www.securityfocus.com/archive/1/540254/100/0/threaded" + }, + { + "refsource": "BUGTRAQ", + "name": "20170310 [security bulletin] HPESBUX03706 rev.1 - HP-UX NTP service running ntpd, Multiple Vulnerabilities", + "url": "http://www.securityfocus.com/archive/1/archive/1/540254/100/0/threaded" + }, + { + "refsource": "SUSE", + "name": "openSUSE-SU-2016:3280", + "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html" + }, + { + "refsource": "UBUNTU", + "name": "USN-3349-1", + "url": "http://www.ubuntu.com/usn/USN-3349-1" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-e8a8561ee7", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PABKEYX6ABBFJZGMXKH57X756EJUDS3C/" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-7209ab4e02", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U5E3XBBCK5IXOLDAH2E4M3QKIYIHUMMP/" + }, + { + "refsource": "CONFIRM", + "name": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-ntpd-en", + "url": "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-ntpd-en" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2016-c198d15316", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ILMSYVQMMF37MANYEO7KBHOPSC74EKGN/" + }, + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-227/", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-227/" + }, + { + "refsource": "BUGTRAQ", + "name": "20161222 FreeBSD Security Advisory FreeBSD-SA-16:39.ntp", + "url": "http://www.securityfocus.com/archive/1/539955/100/0/threaded" + }, + { + "refsource": "CONFIRM", + "name": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-227", + "url": "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-227" + }, + { + "refsource": "BUGTRAQ", + "name": "20161222 FreeBSD Security Advisory FreeBSD-SA-16:39.ntp", + "url": "http://www.securityfocus.com/archive/1/archive/1/539955/100/0/threaded" + }, { "refsource": "CONFIRM", "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" + }, + { + "refsource": "MISC", + "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", + "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } diff --git a/2018/8xxx/CVE-2018-8012.json b/2018/8xxx/CVE-2018-8012.json index 29550964b9b..1623f829b7a 100644 --- a/2018/8xxx/CVE-2018-8012.json +++ b/2018/8xxx/CVE-2018-8012.json @@ -97,6 +97,11 @@ "refsource": "MLIST", "name": "[jackrabbit-dev] 20210716 [GitHub] [jackrabbit-oak] nit0906 opened a new pull request #326: OAK-9496 | Update zookeeper version to handle CVE-2018-8012", "url": "https://lists.apache.org/thread.html/r8f0d920805af93033c488af89104e2d682662bacfb8406db865d5e14@%3Cdev.jackrabbit.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[jackrabbit-dev] 20210716 [GitHub] [jackrabbit-oak] nit0906 commented on pull request #326: OAK-9496 | Update zookeeper version to handle CVE-2018-8012", + "url": "https://lists.apache.org/thread.html/rc5bc4ddb0deabf8cfb69378cecee56fcdc76929bea9e6373cb863870@%3Cdev.jackrabbit.apache.org%3E" } ] } diff --git a/2019/12xxx/CVE-2019-12900.json b/2019/12xxx/CVE-2019-12900.json index 42352ef7dc3..9dcd1aeb8ed 100644 --- a/2019/12xxx/CVE-2019-12900.json +++ b/2019/12xxx/CVE-2019-12900.json @@ -156,6 +156,11 @@ "refsource": "CONFIRM", "name": "https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS", "url": "https://support.f5.com/csp/article/K68713584?utm_source=f5support&utm_medium=RSS" + }, + { + "refsource": "MLIST", + "name": "[flink-user] 20210716 Flink 1.13.1 - Vulnerabilities CVE-2019-12900 for librocksdbjni", + "url": "https://lists.apache.org/thread.html/rda98305669476c4d90cc8527c4deda7e449019dd1fe9936b56671dd4@%3Cuser.flink.apache.org%3E" } ] } diff --git a/2021/1xxx/CVE-2021-1422.json b/2021/1xxx/CVE-2021-1422.json index dde9ec7fa6f..51e84f8dbff 100644 --- a/2021/1xxx/CVE-2021-1422.json +++ b/2021/1xxx/CVE-2021-1422.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition.\r The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data.\r Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0.\r " + "value": "A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2021/28xxx/CVE-2021-28114.json b/2021/28xxx/CVE-2021-28114.json index edecae3268f..b132e4a9f47 100644 --- a/2021/28xxx/CVE-2021-28114.json +++ b/2021/28xxx/CVE-2021-28114.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-28114", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-28114", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://labs.bishopfox.com/advisories", + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories" + }, + { + "url": "https://froala.com/wysiwyg-editor/", + "refsource": "MISC", + "name": "https://froala.com/wysiwyg-editor/" + }, + { + "refsource": "MISC", + "name": "https://labs.bishopfox.com/advisories/froala-editor-v3.2.6", + "url": "https://labs.bishopfox.com/advisories/froala-editor-v3.2.6" } ] } From ab3594171d0113beab65ab627f3e8a6348033f27 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 15:00:49 +0000 Subject: [PATCH 25/26] "-Synchronized-Data." --- 2021/28xxx/CVE-2021-28054.json | 66 ++++++++++++++++++++++++++++++---- 1 file changed, 60 insertions(+), 6 deletions(-) diff --git a/2021/28xxx/CVE-2021-28054.json b/2021/28xxx/CVE-2021-28054.json index 95d09ab1026..c942bf07143 100644 --- a/2021/28xxx/CVE-2021-28054.json +++ b/2021/28xxx/CVE-2021-28054.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-28054", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-28054", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting (XSS) issue in \"Configuration > Hosts\" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.centreon.com/current/en/", + "refsource": "MISC", + "name": "https://docs.centreon.com/current/en/" + }, + { + "url": "https://redshell.co", + "refsource": "MISC", + "name": "https://redshell.co" + }, + { + "refsource": "MISC", + "name": "https://github.com/centreon/centreon/releases/tag/20.04.13", + "url": "https://github.com/centreon/centreon/releases/tag/20.04.13" } ] } From e7debc34b846f8257530b2246949ddc023c68eb2 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 16 Jul 2021 16:00:54 +0000 Subject: [PATCH 26/26] "-Synchronized-Data." --- 2021/28xxx/CVE-2021-28053.json | 66 ++++++++++++++++++++++++++++++---- 2021/35xxx/CVE-2021-35961.json | 12 ++++--- 2021/35xxx/CVE-2021-35962.json | 10 +++--- 2021/36xxx/CVE-2021-36759.json | 18 ++++++++++ 4 files changed, 91 insertions(+), 15 deletions(-) create mode 100644 2021/36xxx/CVE-2021-36759.json diff --git a/2021/28xxx/CVE-2021-28053.json b/2021/28xxx/CVE-2021-28053.json index 61471671475..1cc9a4d9f5a 100644 --- a/2021/28xxx/CVE-2021-28053.json +++ b/2021/28xxx/CVE-2021-28053.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-28053", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-28053", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A SQL injection vulnerability in \"Configuration > Users > Contacts / Users\" allows remote authenticated users to execute arbitrary SQL commands via the Additional Information parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://docs.centreon.com/current/en/", + "refsource": "MISC", + "name": "https://docs.centreon.com/current/en/" + }, + { + "url": "https://redshell.co", + "refsource": "MISC", + "name": "https://redshell.co" + }, + { + "refsource": "MISC", + "name": "https://github.com/centreon/centreon/releases/tag/20.04.13", + "url": "https://github.com/centreon/centreon/releases/tag/20.04.13" } ] } diff --git a/2021/35xxx/CVE-2021-35961.json b/2021/35xxx/CVE-2021-35961.json index f273eb78a4c..1c4ab1a5dc1 100644 --- a/2021/35xxx/CVE-2021-35961.json +++ b/2021/35xxx/CVE-2021-35961.json @@ -39,7 +39,7 @@ "description_data": [ { "lang": "eng", - "value": "Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission." + "value": "Dr. ID Door Access Control and Personnel Attendance Management system uses the hard-code admin default credentials that allows remote attackers to access the system through the default password and obtain the highest permission." } ] }, @@ -77,12 +77,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-4905-c99ac-1.html" + "refsource": "MISC", + "url": "https://www.twcert.org.tw/tw/cp-132-4905-c99ac-1.html", + "name": "https://www.twcert.org.tw/tw/cp-132-4905-c99ac-1.html" }, { - "refsource": "CONFIRM", - "url": "https://www.chtsecurity.com/news/2e4e69d5-2e32-4f73-ac7e-a66432e020e4" + "refsource": "MISC", + "url": "https://www.chtsecurity.com/news/2e4e69d5-2e32-4f73-ac7e-a66432e020e4", + "name": "https://www.chtsecurity.com/news/2e4e69d5-2e32-4f73-ac7e-a66432e020e4" } ] }, diff --git a/2021/35xxx/CVE-2021-35962.json b/2021/35xxx/CVE-2021-35962.json index a093d58a7a1..08897966c43 100644 --- a/2021/35xxx/CVE-2021-35962.json +++ b/2021/35xxx/CVE-2021-35962.json @@ -82,12 +82,14 @@ "references": { "reference_data": [ { - "refsource": "CONFIRM", - "url": "https://www.twcert.org.tw/tw/cp-132-4906-89381-1.html" + "refsource": "MISC", + "url": "https://www.twcert.org.tw/tw/cp-132-4906-89381-1.html", + "name": "https://www.twcert.org.tw/tw/cp-132-4906-89381-1.html" }, { - "refsource": "CONFIRM", - "url": "https://www.chtsecurity.com/news/d7ec2db9-12dd-439f-b014-b956ce231054" + "refsource": "MISC", + "url": "https://www.chtsecurity.com/news/d7ec2db9-12dd-439f-b014-b956ce231054", + "name": "https://www.chtsecurity.com/news/d7ec2db9-12dd-439f-b014-b956ce231054" } ] }, diff --git a/2021/36xxx/CVE-2021-36759.json b/2021/36xxx/CVE-2021-36759.json new file mode 100644 index 00000000000..717741d8eca --- /dev/null +++ b/2021/36xxx/CVE-2021-36759.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-36759", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file