diff --git a/2021/29xxx/CVE-2021-29785.json b/2021/29xxx/CVE-2021-29785.json index 313a4cdfbd8..40b5df69a59 100644 --- a/2021/29xxx/CVE-2021-29785.json +++ b/2021/29xxx/CVE-2021-29785.json @@ -1,93 +1,93 @@ { - "references" : { - "reference_data" : [ - { - "name" : "https://www.ibm.com/support/pages/node/6541974", - "refsource" : "CONFIRM", - "title" : "IBM Security Bulletin 6541974 (Security SOAR)", - "url" : "https://www.ibm.com/support/pages/node/6541974" - }, - { - "refsource" : "XF", - "name" : "ibm-resilient-cve202129785-info-disc (203169)", - "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/203169", - "title" : "X-Force Vulnerability Report" - } - ] - }, - "description" : { - "description_data" : [ - { - "lang" : "eng", - "value" : "IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 203169." - } - ] - }, - "CVE_data_meta" : { - "STATE" : "PUBLIC", - "ID" : "CVE-2021-29785", - "DATE_PUBLIC" : "2022-01-19T00:00:00", - "ASSIGNER" : "psirt@us.ibm.com" - }, - "affects" : { - "vendor" : { - "vendor_data" : [ + "references": { + "reference_data": [ { - "vendor_name" : "IBM", - "product" : { - "product_data" : [ - { - "product_name" : "Security SOAR", - "version" : { - "version_data" : [ - { - "version_value" : "42" - }, - { - "version_value" : "43" - } - ] - } - } - ] - } + "name": "https://www.ibm.com/support/pages/node/6541974", + "refsource": "CONFIRM", + "title": "IBM Security Bulletin 6541974 (Security SOAR)", + "url": "https://www.ibm.com/support/pages/node/6541974" + }, + { + "refsource": "XF", + "name": "ibm-resilient-cve202129785-info-disc (203169)", + "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/203169", + "title": "X-Force Vulnerability Report" } - ] - } - }, - "impact" : { - "cvssv3" : { - "TM" : { - "RL" : "O", - "RC" : "C", - "E" : "U" - }, - "BM" : { - "S" : "U", - "SCORE" : "5.900", - "C" : "H", - "A" : "N", - "UI" : "N", - "AC" : "H", - "AV" : "N", - "I" : "N", - "PR" : "N" - } - } - }, - "data_format" : "MITRE", - "data_version" : "4.0", - "data_type" : "CVE", - "problemtype" : { - "problemtype_data" : [ - { - "description" : [ - { - "value" : "Obtain Information", - "lang" : "eng" - } + ] + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 203169." + } + ] + }, + "CVE_data_meta": { + "STATE": "PUBLIC", + "ID": "CVE-2021-29785", + "DATE_PUBLIC": "2022-01-19T00:00:00", + "ASSIGNER": "psirt@us.ibm.com" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "IBM", + "product": { + "product_data": [ + { + "product_name": "Security SOAR", + "version": { + "version_data": [ + { + "version_value": "42" + }, + { + "version_value": "43" + } + ] + } + } + ] + } + } ] - } - ] - } -} + } + }, + "impact": { + "cvssv3": { + "TM": { + "RL": "O", + "RC": "C", + "E": "U" + }, + "BM": { + "S": "U", + "SCORE": "5.900", + "C": "H", + "A": "N", + "UI": "N", + "AC": "H", + "AV": "N", + "I": "N", + "PR": "N" + } + } + }, + "data_format": "MITRE", + "data_version": "4.0", + "data_type": "CVE", + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "value": "Obtain Information", + "lang": "eng" + } + ] + } + ] + } +} \ No newline at end of file diff --git a/2021/46xxx/CVE-2021-46061.json b/2021/46xxx/CVE-2021-46061.json index df92b17f440..f351d736279 100644 --- a/2021/46xxx/CVE-2021-46061.json +++ b/2021/46xxx/CVE-2021-46061.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-46061", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-46061", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL Injection vulnerability exists in Sourcecodester Computer and Mobile Repair Shop Management system (RSMS) 1.0 via the code parameter in /rsms/ node app." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/RSMS-1.0", + "refsource": "MISC", + "name": "https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/RSMS-1.0" } ] }