mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-07 11:06:39 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
26a1bdd2ec
commit
f27d2b05fb
@ -1,17 +1,61 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-30216",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2021-30216",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Zoho Web mail version NA is affected by an incorrect access control vulnerability. Before a domain expires one needs to configure with Zoho web mail to send mails. Upon domain expiry, the person would still be able to send mail with that account, despite losing ownership of domain."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://medium.com/nestedif/vulnerability-disclosure-business-logic-allowing-to-send-emails-for-expired-transferred-hosts-4dc0868ded14",
|
||||
"refsource": "MISC",
|
||||
"name": "https://medium.com/nestedif/vulnerability-disclosure-business-logic-allowing-to-send-emails-for-expired-transferred-hosts-4dc0868ded14"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -71,6 +71,11 @@
|
||||
"refsource": "MISC",
|
||||
"url": "https://lists.apache.org/thread/o15j25qwtpcw62k48xw1tnv48skh3zgb",
|
||||
"name": "https://lists.apache.org/thread/o15j25qwtpcw62k48xw1tnv48skh3zgb"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20211116 CVE-2021-37580: Apache ShenYu Admin bypass JWT authentication",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2021/11/16/1"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -34,7 +34,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed on a jailbroken device, it is possible to retrieve the PIN code used to access the application."
|
||||
"value": "An issue was discovered in the RCDevs OpenOTP app 1.4.13 and 1.4.14 for iOS. If it is installed on a jailbroken device, it is possible to retrieve the PIN code used to access the application. The IOS app version 1.4.1631262629 resolves this issue by storing a hash PIN code."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -118,7 +118,7 @@
|
||||
"credit": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Kaveh Razavi, Patrick Jattke, Stijn Gunter; Eidgenössische Technische Hochschule (ETH) Zürich"
|
||||
"value": "Kaveh Razavi, Patrick Jattke, Stijn Gunter; Eidgen\u00f6ssische Technische Hochschule (ETH) Z\u00fcrich"
|
||||
},
|
||||
{
|
||||
"lang": "eng",
|
||||
@ -173,11 +173,6 @@
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"name": "https://comsec.ethz.ch/wp-content/files/blacksmith_sp22.pdf",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://comsec.ethz.ch/wp-content/files/blacksmith_sp22.pdf"
|
||||
},
|
||||
{
|
||||
"name": "https://comsec.ethz.ch/research/dram/blacksmith/",
|
||||
"refsource": "MISC",
|
||||
@ -187,6 +182,11 @@
|
||||
"name": "https://github.com/comsec-group/blacksmith",
|
||||
"refsource": "MISC",
|
||||
"url": "https://github.com/comsec-group/blacksmith"
|
||||
},
|
||||
{
|
||||
"name": "https://comsec.ethz.ch/wp-content/files/blacksmith_sp22.pdf",
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://comsec.ethz.ch/wp-content/files/blacksmith_sp22.pdf"
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -196,7 +196,7 @@
|
||||
"work_around": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Using ECC DRAM substantially increases the difficulty of carrying out Rowhammer attacks on systems, although previous work [1] showed that it does not provide complete protection.\n\n[1] L. Cojocar, K. Razavi, C. Giuffrida, and H. Bos, “Exploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks,” San Francisco, CA, USA, May 2019, pp. 55–71. DOI: 10.1109/SP.2019.00089. "
|
||||
"value": "Using ECC DRAM substantially increases the difficulty of carrying out Rowhammer attacks on systems, although previous work [1] showed that it does not provide complete protection.\n\n[1] L. Cojocar, K. Razavi, C. Giuffrida, and H. Bos, \u201cExploiting Correcting Codes: On the Effectiveness of ECC Memory Against Rowhammer Attacks,\u201d San Francisco, CA, USA, May 2019, pp. 55\u201371. DOI: 10.1109/SP.2019.00089. "
|
||||
}
|
||||
]
|
||||
}
|
||||
Loading…
x
Reference in New Issue
Block a user