From b8fa5715d456b98cc21be957ec2b43cc6e71f1ec Mon Sep 17 00:00:00 2001 From: ylavic Date: Fri, 22 Oct 2021 00:23:54 +0200 Subject: [PATCH] Apache Storm --- 2021/38xxx/CVE-2021-38294.json | 108 ++++++++++++++++++++++++++++++--- 2021/40xxx/CVE-2021-40865.json | 107 +++++++++++++++++++++++++++++--- 2 files changed, 201 insertions(+), 14 deletions(-) diff --git a/2021/38xxx/CVE-2021-38294.json b/2021/38xxx/CVE-2021-38294.json index 0113a3e05c8..3c3b0674f4f 100644 --- a/2021/38xxx/CVE-2021-38294.json +++ b/2021/38xxx/CVE-2021-38294.json @@ -1,18 +1,112 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@apache.org", "ID": "CVE-2021-38294", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Shell Command Injection Vulnerability in Nimbus Thrift Server" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache Storm", + "version": { + "version_data": [ + { + "platform": "Non-Windows", + "version_affected": ">=", + "version_name": "Apache Storm", + "version_value": "v1.0.0" + }, + { + "version_affected": "<", + "version_name": "Apache Storm", + "version_value": "v1.2.4" + }, + { + "version_affected": "<", + "version_name": "Apache Storm", + "version_value": "v2.1.1" + }, + { + "version_affected": "<", + "version_name": "Apache Storm", + "version_value": "v2.2.1" + }, + { + "version_affected": "<", + "version_name": "Apache Storm", + "version_value": "v2.3.0" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Apache Storm would like to thank @pwntester Alvaro Muñoz of the GitHub Security Lab team for reporting this issue." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Command Injection vulnerability exists in the getTopologyHistory service of the Apache Storm 2.x prior to 2.2.1 and Apache Storm 1.x prior to 1.2.4. A specially crafted thrift request to the Nimbus server allows Remote Code Execution (RCE) prior to authentication. " } ] - } + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": [ + { + "other": "high" + } + ], + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://lists.apache.org/thread.html/r5fe881f6ca883908b7a0f005d35115af49f43beea7a8b0915e377859%40%3Cuser.storm.apache.org%3E" + }, + { + "refsource": "CONFIRM", + "url": "https://seclists.org/oss-sec/2021/q4/44" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + }, + "work_around": [ + { + "lang": "eng", + "value": "Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0\nApache Storm 2.1.x users should upgrade to version 2.1.1\nApache Storm 1.x users should upgrade to version 1.2.4" + } + ] } \ No newline at end of file diff --git a/2021/40xxx/CVE-2021-40865.json b/2021/40xxx/CVE-2021-40865.json index b492f572d13..5b7c5fecd18 100644 --- a/2021/40xxx/CVE-2021-40865.json +++ b/2021/40xxx/CVE-2021-40865.json @@ -1,18 +1,111 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "security@apache.org", "ID": "CVE-2021-40865", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Unsafe Pre-Authentication Deserialization In Workers" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Apache Storm", + "version": { + "version_data": [ + { + "version_affected": ">=", + "version_name": "Apache Storm ", + "version_value": "v1.0.0" + }, + { + "version_affected": "<", + "version_name": "Apache Storm", + "version_value": "v1.2.4" + }, + { + "version_affected": "<", + "version_name": "Apache Storm", + "version_value": "v2.1.1" + }, + { + "version_affected": "<", + "version_name": "Apache Storm", + "version_value": "v2.2.1" + }, + { + "version_affected": "<", + "version_name": "Apache Storm", + "version_value": "v2.3.0" + } + ] + } + } + ] + }, + "vendor_name": "Apache Software Foundation" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Apache Storm would like to thank @pwntester Alvaro Muñoz of the GitHub Security Lab team for reporting this issue." + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Unsafe Deserialization vulnerability exists in the worker services of the Apache Storm supervisor server allowing pre-auth Remote Code Execution (RCE). Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0. Apache Storm 2.1.x users should upgrade to version 2.1.1. Apache Storm 1.x users should upgrade to version 1.2.4" } ] - } + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": [ + { + "other": "high" + } + ], + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-502 Deserialization of Untrusted Data" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "url": "https://lists.apache.org/thread.html/r8d45e74299897b6734dd0f788c46a631009ce2eeb731523386f7a253%40%3Cuser.storm.apache.org%3E" + }, + { + "refsource": "CONFIRM", + "url": "https://seclists.org/oss-sec/2021/q4/45" + } + ] + }, + "source": { + "discovery": "UNKNOWN" + }, + "work_around": [ + { + "lang": "eng", + "value": "Apache Storm 2.2.x users should upgrade to version 2.2.1 or 2.3.0\nApache Storm 2.1.x users should upgrade to version 2.1.1\nApache Storm 1.x users should upgrade to version 1.2.4" + } + ] } \ No newline at end of file