admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-02-12 17:00:41 +00:00
parent e1a49108d6
commit e831defd2f
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
10 changed files with 770 additions and 638 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

178
2021/20xxx/CVE-2021-20406.json
View File

@ -1,93 +1,93 @@
{
"description" : {
"description_data" : [
{
"value" : "IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 198184.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"description": {
"description_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "1.0.6"
},
{
"version_value" : "1.0.7"
}
]
},
"product_name" : "Security Verify Information Queue"
}
]
}
"value": "IBM Security Verify Information Queue 1.0.6 and 1.0.7 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 198184.",
"lang": "eng"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "1.0.6"
},
{
"version_value": "1.0.7"
}
]
},
"product_name": "Security Verify Information Queue"
}
]
}
}
]
}
]
},
"data_version" : "4.0",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6414763 (Security Verify Information Queue)",
"name" : "https://www.ibm.com/support/pages/node/6414763",
"url" : "https://www.ibm.com/support/pages/node/6414763"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196184",
"name" : "ibm-sviq-cve202120406-info-disc (196184)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-02-11T00:00:00",
"ID" : "CVE-2021-20406",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "N",
"I" : "N",
"PR" : "H",
"C" : "L",
"SCORE" : "2.200",
"AC" : "H",
"A" : "N",
"S" : "U",
"AV" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_format" : "MITRE"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_version": "4.0",
"data_type": "CVE",
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6414763 (Security Verify Information Queue)",
"name": "https://www.ibm.com/support/pages/node/6414763",
"url": "https://www.ibm.com/support/pages/node/6414763"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196184",
"name": "ibm-sviq-cve202120406-info-disc (196184)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2021-02-11T00:00:00",
"ID": "CVE-2021-20406",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"impact": {
"cvssv3": {
"BM": {
"UI": "N",
"I": "N",
"PR": "H",
"C": "L",
"SCORE": "2.200",
"AC": "H",
"A": "N",
"S": "U",
"AV": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_format": "MITRE"
}

182
2021/20xxx/CVE-2021-20407.json
View File

@ -1,93 +1,93 @@
{
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AV" : "N",
"PR" : "N",
"C" : "L",
"UI" : "N",
"I" : "N",
"SCORE" : "5.300",
"AC" : "L",
"A" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2021-02-11T00:00:00",
"ID" : "CVE-2021-20407"
},
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6414765",
"url" : "https://www.ibm.com/support/pages/node/6414765",
"title" : "IBM Security Bulletin 6414765 (Security Verify Information Queue)",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-sviq-cve202120407-info-disc (196185)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196185"
}
]
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system. IBM X-Force ID: 198185.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Verify Information Queue",
"version" : {
"version_data" : [
{
"version_value" : "1.0.6"
},
{
"version_value" : "1.0.7"
}
]
}
}
]
}
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"AV": "N",
"PR": "N",
"C": "L",
"UI": "N",
"I": "N",
"SCORE": "5.300",
"AC": "L",
"A": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
]
}
}
}
}
},
"CVE_data_meta": {
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2021-02-11T00:00:00",
"ID": "CVE-2021-20407"
},
"data_type": "CVE",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6414765",
"url": "https://www.ibm.com/support/pages/node/6414765",
"title": "IBM Security Bulletin 6414765 (Security Verify Information Queue)",
"refsource": "CONFIRM"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"name": "ibm-sviq-cve202120407-info-disc (196185)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196185"
}
]
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"description": {
"description_data": [
{
"value": "IBM Security Verify Information Queue 1.0.6 and 1.0.7 discloses sensitive information in source code that could be used in further attacks against the system. IBM X-Force ID: 198185.",
"lang": "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Verify Information Queue",
"version": {
"version_data": [
{
"version_value": "1.0.6"
},
{
"version_value": "1.0.7"
}
]
}
}
]
}
}
]
}
}
}

182
2021/20xxx/CVE-2021-20408.json
View File

@ -1,93 +1,93 @@
{
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"S" : "U",
"AV" : "L",
"SCORE" : "7.100",
"UI" : "N",
"I" : "H",
"C" : "H",
"PR" : "L",
"A" : "N",
"AC" : "L"
}
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-02-11T00:00:00",
"ID" : "CVE-2021-20408"
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6414767",
"url" : "https://www.ibm.com/support/pages/node/6414767",
"title" : "IBM Security Bulletin 6414767 (Security Verify Information Queue)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-sviq-cve202120408-info-disc (196187)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196187",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Verify Information Queue",
"version" : {
"version_data" : [
{
"version_value" : "1.0.6"
},
{
"version_value" : "1.0.7"
}
]
}
}
]
},
"vendor_name" : "IBM"
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"E": "U",
"RL": "O"
},
"BM": {
"S": "U",
"AV": "L",
"SCORE": "7.100",
"UI": "N",
"I": "H",
"C": "H",
"PR": "L",
"A": "N",
"AC": "L"
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext cryptographic key. IBM X-Force ID: 198187.",
"lang" : "eng"
}
]
}
}
}
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-02-11T00:00:00",
"ID": "CVE-2021-20408"
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6414767",
"url": "https://www.ibm.com/support/pages/node/6414767",
"title": "IBM Security Bulletin 6414767 (Security Verify Information Queue)",
"refsource": "CONFIRM"
},
{
"name": "ibm-sviq-cve202120408-info-disc (196187)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196187",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"data_type": "CVE",
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Verify Information Queue",
"version": {
"version_data": [
{
"version_value": "1.0.6"
},
{
"version_value": "1.0.7"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"description": {
"description_data": [
{
"value": "IBM Security Verify Information Queue 1.0.6 and 1.0.7 could disclose highly sensitive information to a local user due to inproper storage of a plaintext cryptographic key. IBM X-Force ID: 198187.",
"lang": "eng"
}
]
}
}

178
2021/20xxx/CVE-2021-20409.json
View File

@ -1,93 +1,93 @@
{
"data_version" : "4.0",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6414771 (Security Verify Information Queue)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6414771",
"url" : "https://www.ibm.com/support/pages/node/6414771"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196188",
"name" : "ibm-sviq-cve202120409-info-disc (196188)"
}
]
},
"CVE_data_meta" : {
"ID" : "CVE-2021-20409",
"DATE_PUBLIC" : "2021-02-11T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
},
"BM" : {
"I" : "N",
"UI" : "N",
"PR" : "N",
"C" : "H",
"SCORE" : "5.900",
"AC" : "H",
"A" : "N",
"S" : "U",
"AV" : "N"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 198188."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_version": "4.0",
"data_type": "CVE",
"references": {
"reference_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "1.0.6"
},
{
"version_value" : "1.0.7"
}
]
},
"product_name" : "Security Verify Information Queue"
}
]
},
"vendor_name" : "IBM"
"title": "IBM Security Bulletin 6414771 (Security Verify Information Queue)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6414771",
"url": "https://www.ibm.com/support/pages/node/6414771"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196188",
"name": "ibm-sviq-cve202120409-info-disc (196188)"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
},
"CVE_data_meta": {
"ID": "CVE-2021-20409",
"DATE_PUBLIC": "2021-02-11T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
},
"BM": {
"I": "N",
"UI": "N",
"PR": "N",
"C": "H",
"SCORE": "5.900",
"AC": "H",
"A": "N",
"S": "U",
"AV": "N"
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 198188."
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "1.0.6"
},
{
"version_value": "1.0.7"
}
]
},
"product_name": "Security Verify Information Queue"
}
]
},
"vendor_name": "IBM"
}
]
}
]
}
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
}

178
2021/20xxx/CVE-2021-20410.json
View File

@ -1,93 +1,93 @@
{
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6414773 (Security Verify Information Queue)",
"url" : "https://www.ibm.com/support/pages/node/6414773",
"name" : "https://www.ibm.com/support/pages/node/6414773"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196190",
"name" : "ibm-sviq-cve202120410-info-disc (196190)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"C" : "H",
"PR" : "L",
"UI" : "N",
"I" : "N",
"SCORE" : "5.300",
"AC" : "H",
"A" : "N",
"S" : "U",
"AV" : "N"
}
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-02-11T00:00:00",
"ID" : "CVE-2021-20410"
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Verify Information Queue",
"version" : {
"version_data" : [
{
"version_value" : "1.0.6"
},
{
"version_value" : "1.0.7"
}
]
}
}
]
}
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6414773 (Security Verify Information Queue)",
"url": "https://www.ibm.com/support/pages/node/6414773",
"name": "https://www.ibm.com/support/pages/node/6414773"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196190",
"name": "ibm-sviq-cve202120410-info-disc (196190)",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text which can be read by an authenticated user using man in the middle techniques. IBM X-Force ID: 198190."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"E": "U",
"RC": "C"
},
"BM": {
"C": "H",
"PR": "L",
"UI": "N",
"I": "N",
"SCORE": "5.300",
"AC": "H",
"A": "N",
"S": "U",
"AV": "N"
}
}
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2021-02-11T00:00:00",
"ID": "CVE-2021-20410"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Verify Information Queue",
"version": {
"version_data": [
{
"version_value": "1.0.6"
},
{
"version_value": "1.0.7"
}
]
}
}
]
}
}
]
}
]
}
}
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Verify Information Queue 1.0.6 and 1.0.7 sends user credentials in plain clear text which can be read by an authenticated user using man in the middle techniques. IBM X-Force ID: 198190."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
}
}

182
2021/20xxx/CVE-2021-20411.json
View File

@ -1,93 +1,93 @@
{
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-02-11T00:00:00",
"ID" : "CVE-2021-20411",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "C",
"AV" : "A",
"SCORE" : "7.500",
"PR" : "N",
"C" : "H",
"UI" : "R",
"I" : "H",
"A" : "N",
"AC" : "H"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"data_type" : "CVE",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6414777",
"name" : "https://www.ibm.com/support/pages/node/6414777",
"title" : "IBM Security Bulletin 6414777 (Security Verify Information Queue)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-sviq-cve202120411-session-fixation (196191)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196191",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "1.0.6"
},
{
"version_value" : "1.0.7"
}
]
},
"product_name" : "Security Verify Information Queue"
}
]
},
"vendor_name" : "IBM"
"CVE_data_meta": {
"DATE_PUBLIC": "2021-02-11T00:00:00",
"ID": "CVE-2021-20411",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"impact": {
"cvssv3": {
"BM": {
"S": "C",
"AV": "A",
"SCORE": "7.500",
"PR": "N",
"C": "H",
"UI": "R",
"I": "H",
"A": "N",
"AC": "H"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another user on the system due to incorrectly updating the session identifier. IBM X-Force ID: 198191.",
"lang" : "eng"
}
]
}
}
}
},
"data_format": "MITRE",
"data_version": "4.0",
"data_type": "CVE",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6414777",
"name": "https://www.ibm.com/support/pages/node/6414777",
"title": "IBM Security Bulletin 6414777 (Security Verify Information Queue)",
"refsource": "CONFIRM"
},
{
"name": "ibm-sviq-cve202120411-session-fixation (196191)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196191",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "1.0.6"
},
{
"version_value": "1.0.7"
}
]
},
"product_name": "Security Verify Information Queue"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"description": {
"description_data": [
{
"value": "IBM Security Verify Information Queue 1.0.6 and 1.0.7 could allow a user to impersonate another user on the system due to incorrectly updating the session identifier. IBM X-Force ID: 198191.",
"lang": "eng"
}
]
}
}

178
2021/20xxx/CVE-2021-20412.json
View File

@ -1,93 +1,93 @@
{
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6414779",
"name" : "https://www.ibm.com/support/pages/node/6414779",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6414779 (Security Verify Information Queue)"
},
{
"name" : "ibm-sviq-cve202120412-info-disc (196192)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196192",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"AV" : "N",
"C" : "H",
"PR" : "N",
"UI" : "N",
"I" : "N",
"SCORE" : "5.900",
"AC" : "H",
"A" : "N"
},
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
}
}
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-02-11T00:00:00",
"ID" : "CVE-2021-20412",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Verify Information Queue 1.0.6 and 1.0.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 198192."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Verify Information Queue",
"version" : {
"version_data" : [
{
"version_value" : "1.0.6"
},
{
"version_value" : "1.0.7"
}
]
}
}
]
}
"url": "https://www.ibm.com/support/pages/node/6414779",
"name": "https://www.ibm.com/support/pages/node/6414779",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6414779 (Security Verify Information Queue)"
},
{
"name": "ibm-sviq-cve202120412-info-disc (196192)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/196192",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
},
"data_type": "CVE",
"data_version": "4.0",
"data_format": "MITRE",
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"AV": "N",
"C": "H",
"PR": "N",
"UI": "N",
"I": "N",
"SCORE": "5.900",
"AC": "H",
"A": "N"
},
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
}
}
},
"CVE_data_meta": {
"DATE_PUBLIC": "2021-02-11T00:00:00",
"ID": "CVE-2021-20412",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Verify Information Queue 1.0.6 and 1.0.7 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 198192."
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Verify Information Queue",
"version": {
"version_data": [
{
"version_value": "1.0.6"
},
{
"version_value": "1.0.7"
}
]
}
}
]
}
}
]
}
]
}
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
}

50
2021/22xxx/CVE-2021-22973.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22973",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "f5sirt@f5.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value": "16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all 12.1.x versions"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K13323323",
"url": "https://support.f5.com/csp/article/K13323323"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, 13.1.x before 13.1.3.5, and all 12.1.x versions, JSON parser function does not protect against out-of-bounds memory accesses or writes. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated."
}
]
}

50
2021/22xxx/CVE-2021-22974.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22974",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "f5sirt@f5.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIG-IP, BIG-IQ",
"version": {
"version_data": [
{
"version_value": "BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6 and all versions of BIG-IQ 7.x and 6.x"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Privilege escalation"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K68652018",
"url": "https://support.f5.com/csp/article/K68652018"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6 and all versions of BIG-IQ 7.x and 6.x, an authenticated attacker with access to iControl REST over the control plane may be able to take advantage of a race condition to execute commands with an elevated privilege level. This vulnerability is due to an incomplete fix for CVE-2017-6167. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated."
}
]
}

50
2021/22xxx/CVE-2021-22975.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22975",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "f5sirt@f5.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "BIG-IP",
"version": {
"version_data": [
{
"version_value": "16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, and 14.1.x before 14.1.3.1"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://support.f5.com/csp/article/K21971977",
"url": "https://support.f5.com/csp/article/K21971977"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On BIG-IP version 16.0.x before 16.0.1.1, 15.1.x before 15.1.2.1, and 14.1.x before 14.1.3.1, under some circumstances, Traffic Management Microkernel (TMM) may restart on the BIG-IP system while passing large bursts of traffic. Note: Software versions which have reached End of Software Development (EoSD) are not evaluated."
}
]
}