From ecd838d73f926f9d52aedc56850dd2f1b58d063b Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 20 Mar 2022 03:01:18 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2021/28xxx/CVE-2021-28488.json | 2 +- 2021/45xxx/CVE-2021-45010.json | 2 +- 2022/23xxx/CVE-2022-23989.json | 2 +- 2022/27xxx/CVE-2022-27253.json | 18 ++++++++++++++++++ 4 files changed, 21 insertions(+), 3 deletions(-) create mode 100644 2022/27xxx/CVE-2022-27253.json diff --git a/2021/28xxx/CVE-2021-28488.json b/2021/28xxx/CVE-2021-28488.json index 6f12c9d78ee..b3c5be811c7 100644 --- a/2021/28xxx/CVE-2021-28488.json +++ b/2021/28xxx/CVE-2021-28488.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group)." + "value": "Ericsson Network Manager (ENM) before 21.2 has incorrect access-control behavior (that only affects the level of access available to persons who were already granted a highly privileged role). Users in the same AMOS authorization group can retrieve managed-network data that was not set to be accessible to the entire group (i.e., was only set to be accessible to a subset of that group)." } ] }, diff --git a/2021/45xxx/CVE-2021-45010.json b/2021/45xxx/CVE-2021-45010.json index d8d3ad43cf6..4b4b84a0446 100644 --- a/2021/45xxx/CVE-2021-45010.json +++ b/2021/45xxx/CVE-2021-45010.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "A Path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager Project's Tiny File Manager <= 2.4.6 allows remote attackers with valid user accounts to upload malicious PHP files to the webroot and achieve code execution on the target server." + "value": "A path traversal vulnerability in the file upload functionality in tinyfilemanager.php in Tiny File Manager before 2.4.7 allows remote attackers (with valid user accounts) to upload malicious PHP files to the webroot, leading to code execution." } ] }, diff --git a/2022/23xxx/CVE-2022-23989.json b/2022/23xxx/CVE-2022-23989.json index f03a6c74e23..d8ca162d42e 100644 --- a/2022/23xxx/CVE-2022-23989.json +++ b/2022/23xxx/CVE-2022-23989.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "In Stormshield Network Security (SNS) 3.7.6 through 3.7.24, 3.11.1 through 3.11.12, 4.2.1 through 4.2.9, and 4.3.0 through 4.3.4, a flood of connections to the SSLVPN service might lead to saturation of the loopback interface. This could result in the blocking of almost all network traffic, making the firewall unreachable. An attacker could exploit this via forged and properly timed traffic to cause a denial of service." + "value": "In Stormshield Network Security (SNS) before 3.7.25, 3.8.x through 3.11.x before 3.11.13, 4.x before 4.2.10, and 4.3.x before 4.3.5, a flood of connections to the SSLVPN service might lead to saturation of the loopback interface. This could result in the blocking of almost all network traffic, making the firewall unreachable. An attacker could exploit this via forged and properly timed traffic to cause a denial of service." } ] }, diff --git a/2022/27xxx/CVE-2022-27253.json b/2022/27xxx/CVE-2022-27253.json new file mode 100644 index 00000000000..7891c89eedd --- /dev/null +++ b/2022/27xxx/CVE-2022-27253.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-27253", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file