From e97e8214b51f6f4afa122866a6ce135d24ea23a9 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Fri, 18 Jun 2021 20:00:53 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/33xxx/CVE-2021-33823.json | 61 +++++++++++++++++++++++++++---- 2021/33xxx/CVE-2021-33824.json | 66 ++++++++++++++++++++++++++++++---- 2 files changed, 115 insertions(+), 12 deletions(-) diff --git a/2021/33xxx/CVE-2021-33823.json b/2021/33xxx/CVE-2021-33823.json index acb143c8a47..496d7ab9144 100644 --- a/2021/33xxx/CVE-2021-33823.json +++ b/2021/33xxx/CVE-2021-33823.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-33823", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-33823", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attacker could send a huge amount of TCP SYN packet to make web service's resource exhausted. Then the web server is denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-mb3180-mb3280-mb3480-series", + "refsource": "MISC", + "name": "https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-mb3180-mb3280-mb3480-series" + }, + { + "refsource": "MISC", + "name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33823.md", + "url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33823.md" } ] } diff --git a/2021/33xxx/CVE-2021-33824.json b/2021/33xxx/CVE-2021-33824.json index eb8982ec002..a83d66ee791 100644 --- a/2021/33xxx/CVE-2021-33824.json +++ b/2021/33xxx/CVE-2021-33824.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-33824", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-33824", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered on MOXA Mgate MB3180 Version 2.1 Build 18113012. Attackers can use slowhttptest tool to send incomplete HTTP request, which could make server keep waiting for the packet to finish the connection, until its resource exhausted. Then the web server is denial-of-service." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/shekyan/slowhttptest", + "refsource": "MISC", + "name": "https://github.com/shekyan/slowhttptest" + }, + { + "url": "https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-mb3180-mb3280-mb3480-series", + "refsource": "MISC", + "name": "https://www.moxa.com/en/products/industrial-edge-connectivity/protocol-gateways/modbus-tcp-gateways/mgate-mb3180-mb3280-mb3480-series" + }, + { + "refsource": "MISC", + "name": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33824.md", + "url": "https://github.com/Jian-Xian/CVE-POC/blob/master/CVE-2021-33824.md" } ] }