admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

IBM20210726-8432

Browse Source 
Added CVE-2021-29767, CVE-2021-20560, CVE-2021-29784, CVE-2021-29770, CVE-2021-20431, CVE-2021-29766, CVE-2021-20337, CVE-2020-4623, CVE-2021-29769, CVE-2021-20430
This commit is contained in:
Scott Moore - IBM 2021-07-26 08:04:32 -04:00
parent 3e8c9d0027
commit f67442904d
No known key found for this signature in database
GPG Key ID: 8E6C411D57F2D75C
10 changed files with 924 additions and 150 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

102
2020/4xxx/CVE-2020-4623.json
View File

@ -1,18 +1,90 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4623",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"description" : {
"description_data" : [
{
"value" : "IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6474857 (i2 iBase)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6474857",
"name" : "https://www.ibm.com/support/pages/node/6474857"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/184984",
"name" : "ibm-i2-cve20204623-code-exec (184984)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "i2 iBase",
"version" : {
"version_data" : [
{
"version_value" : "8.9.13"
}
]
}
}
]
}
}
]
}
}
]
}
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Gain Privileges",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"A" : "H",
"I" : "H",
"SCORE" : "7.700",
"AC" : "L",
"C" : "H",
"UI" : "R",
"AV" : "L",
"PR" : "H",
"S" : "C"
}
}
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4623",
"DATE_PUBLIC" : "2021-07-23T00:00:00"
}
}

111
2021/20xxx/CVE-2021-20337.json
View File

@ -1,18 +1,99 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20337",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2021-07-23T00:00:00",
"ID" : "CVE-2021-20337",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"PR" : "N",
"AV" : "N",
"UI" : "N",
"C" : "H",
"AC" : "H",
"SCORE" : "5.900",
"I" : "N",
"A" : "N"
},
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 194448."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "QRadar SIEM",
"version" : {
"version_data" : [
{
"version_value" : "7.3.0"
},
{
"version_value" : "7.4.0"
},
{
"version_value" : "7.4.3"
},
{
"version_value" : "7.3.Patch.8"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6474847",
"url" : "https://www.ibm.com/support/pages/node/6474847",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6474847 (QRadar SIEM)"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-qradar-cve202120337-info-disc (194448)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/194448"
}
]
}
}

108
2021/20xxx/CVE-2021-20430.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20430",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6474861 (i2 Analyze)",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6474861",
"name" : "https://www.ibm.com/support/pages/node/6474861"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196341",
"name" : "ibm-i2-cve202120430-info-disc (196341)"
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "4.3.0"
},
{
"version_value" : "4.3.1"
},
{
"version_value" : "4.3.2"
}
]
},
"product_name" : "i2 Analyze"
}
]
}
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341."
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-07-23T00:00:00",
"ID" : "CVE-2021-20430",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "N",
"SCORE" : "5.300",
"I" : "N",
"C" : "L",
"AC" : "L",
"UI" : "N",
"AV" : "N",
"PR" : "N",
"S" : "U"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_type" : "CVE"
}

108
2021/20xxx/CVE-2021-20431.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20431",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_type" : "CVE",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"I" : "N",
"SCORE" : "4.300",
"A" : "N",
"AV" : "N",
"UI" : "R",
"C" : "L",
"AC" : "L",
"PR" : "N",
"S" : "U"
}
}
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-07-23T00:00:00",
"ID" : "CVE-2021-20431",
"ASSIGNER" : "psirt@us.ibm.com"
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate session after logout which could allow an an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342."
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6474865",
"url" : "https://www.ibm.com/support/pages/node/6474865",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6474865 (i2 Analyst's Notebook Premium)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/196342",
"name" : "ibm-i2-cve202120431-info-disc (196342)"
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "i2 Analyst's Notebook Premium",
"version" : {
"version_data" : [
{
"version_value" : "9.2.0"
},
{
"version_value" : "9.2.1"
},
{
"version_value" : "9.2.2"
}
]
}
}
]
}
}
]
}
}
]
}
}
}

105
2021/20xxx/CVE-2021-20560.json
View File

@ -1,18 +1,93 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-20560",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 199229."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "1.5.0.2"
},
{
"version_value" : "1.4.1.1"
}
]
},
"product_name" : "Sterling Connect:Direct Browser User Interface"
}
]
}
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6474829 (Sterling Connect:Direct Browser User Interface)",
"name" : "https://www.ibm.com/support/pages/node/6474829",
"url" : "https://www.ibm.com/support/pages/node/6474829"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/199229",
"name" : "ibm-sterling-cve202120560-clickjacking (199229)"
}
]
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-07-23T00:00:00",
"ID" : "CVE-2021-20560",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "C",
"PR" : "L",
"AC" : "L",
"C" : "L",
"AV" : "N",
"UI" : "R",
"A" : "N",
"I" : "L",
"SCORE" : "5.400"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_format" : "MITRE"
}

108
2021/29xxx/CVE-2021-29766.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29766",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2021-07-23T00:00:00",
"ID" : "CVE-2021-29766",
"ASSIGNER" : "psirt@us.ibm.com"
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"E" : "U",
"RL" : "O"
},
"BM" : {
"AV" : "N",
"UI" : "N",
"AC" : "L",
"C" : "L",
"I" : "N",
"SCORE" : "5.300",
"A" : "N",
"S" : "U",
"PR" : "N"
}
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6474881",
"url" : "https://www.ibm.com/support/pages/node/6474881",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6474881 (i2 Analyze)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/202680",
"name" : "ibm-i2-cve202129766-info-disc (202680)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "4.3.0"
},
{
"version_value" : "4.3.1"
},
{
"version_value" : "4.3.2"
}
]
},
"product_name" : "i2 Analyze"
}
]
}
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680.",
"lang" : "eng"
}
]
}
}

108
2021/29xxx/CVE-2021-29767.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29767",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-07-23T00:00:00",
"ID" : "CVE-2021-29767",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"PR" : "N",
"S" : "U",
"SCORE" : "5.300",
"I" : "N",
"A" : "N",
"AV" : "N",
"UI" : "N",
"C" : "L",
"AC" : "L"
}
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202681."
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "9.2.0"
},
{
"version_value" : "9.2.1"
},
{
"version_value" : "9.2.2"
}
]
},
"product_name" : "i2 Analyst's Notebook Premium"
}
]
}
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6474885 (i2 Analyst's Notebook Premium)",
"name" : "https://www.ibm.com/support/pages/node/6474885",
"url" : "https://www.ibm.com/support/pages/node/6474885"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/202681",
"name" : "ibm-i2-cve202129767-info-disc (202681)"
}
]
}
}

108
2021/29xxx/CVE-2021-29769.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29769",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"PR" : "N",
"AC" : "H",
"C" : "L",
"UI" : "R",
"AV" : "N",
"A" : "N",
"SCORE" : "3.100",
"I" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ID" : "CVE-2021-29769",
"DATE_PUBLIC" : "2021-07-23T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "4.3.0"
},
{
"version_value" : "4.3.1"
},
{
"version_value" : "4.3.2"
}
]
},
"product_name" : "i2 Analyze"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6474883",
"url" : "https://www.ibm.com/support/pages/node/6474883",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6474883 (i2 Analyze)"
},
{
"title" : "X-Force Vulnerability Report",
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/202769",
"name" : "ibm-i2-cve202129769-info-disc (202769)"
}
]
},
"description" : {
"description_data" : [
{
"value" : "IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 202769.",
"lang" : "eng"
}
]
}
}

108
2021/29xxx/CVE-2021-29770.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29770",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "C",
"PR" : "L",
"AV" : "N",
"UI" : "R",
"C" : "N",
"AC" : "L",
"I" : "L",
"SCORE" : "4.100",
"A" : "N"
},
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
}
}
},
"data_format" : "MITRE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2021-07-23T00:00:00",
"ID" : "CVE-2021-29770",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Access"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6474877",
"name" : "https://www.ibm.com/support/pages/node/6474877",
"title" : "IBM Security Bulletin 6474877 (i2 Analyze)",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"name" : "ibm-i2-cve202129770-input-validation (202771)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/202771"
}
]
},
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "4.3.0"
},
{
"version_value" : "4.3.1"
},
{
"version_value" : "4.3.2"
}
]
},
"product_name" : "i2 Analyze"
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771.",
"lang" : "eng"
}
]
}
}

108
2021/29xxx/CVE-2021-29784.json
View File

@ -1,18 +1,96 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-29784",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6474875",
"url" : "https://www.ibm.com/support/pages/node/6474875",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6474875 (i2 Analyze)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/203168",
"name" : "ibm-i2-cve202129784-info-disc (203168)",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product" : {
"product_data" : [
{
"product_name" : "i2 Analyze",
"version" : {
"version_data" : [
{
"version_value" : "4.3.0"
},
{
"version_value" : "4.3.1"
},
{
"version_value" : "4.3.2"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 203168.",
"lang" : "eng"
}
]
},
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2021-29784",
"DATE_PUBLIC" : "2021-07-23T00:00:00"
},
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"E" : "U",
"RC" : "C"
},
"BM" : {
"S" : "U",
"PR" : "L",
"AV" : "N",
"UI" : "N",
"AC" : "L",
"C" : "L",
"I" : "N",
"SCORE" : "4.300",
"A" : "N"
}
}
},
"data_format" : "MITRE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"data_type" : "CVE"
}