admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/34xxx/CVE-2021-34602.json
Jochen Becker d9b193c8f8 add 9 CVEs
2022-04-27 17:10:21 +02:00

194 lines
8.2 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2022-04-27T10:00:00.000Z",
"ID": "CVE-2021-34602",
"STATE": "PUBLIC",
"TITLE": "Bender Charge Controller: Long URL could lead to webserver crash"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "CC612",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.11.x",
"version_value": "5.11.2"
},
{
"version_affected": "<",
"version_name": "5.12.x",
"version_value": "5.12.5"
},
{
"version_affected": "<",
"version_name": "5.13.x",
"version_value": "5.13.2"
},
{
"version_affected": "<",
"version_name": "5.20.x",
"version_value": "5.20.2"
}
]
}
},
{
"product_name": "CC613",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.11.x",
"version_value": "5.11.2"
},
{
"version_affected": "<",
"version_name": "5.12.x",
"version_value": "5.12.5"
},
{
"version_affected": "<",
"version_name": "5.13.x",
"version_value": "5.13.2"
},
{
"version_affected": "<",
"version_name": "5.20.x",
"version_value": "5.20.2"
}
]
}
},
{
"product_name": "ICC15xx",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.11.x",
"version_value": "5.11.2"
},
{
"version_affected": "<",
"version_name": "5.12.x",
"version_value": "5.12.5"
},
{
"version_affected": "<",
"version_name": "5.13.x",
"version_value": "5.13.2"
},
{
"version_affected": "<",
"version_name": "5.20.x",
"version_value": "5.20.2"
}
]
}
},
{
"product_name": "ICC16xx",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "5.11.x",
"version_value": "5.11.2"
},
{
"version_affected": "<",
"version_name": "5.12.x",
"version_value": "5.12.5"
},
{
"version_affected": "<",
"version_name": "5.13.x",
"version_value": "5.13.2"
},
{
"version_affected": "<",
"version_name": "5.20.x",
"version_value": "5.20.2"
}
]
}
}
]
},
"vendor_name": "Bender / ebee"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Bender thanks Qianxin StarV Security Lab, China. The issue was coordinated by CERT@VDE."
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web interface. An authenticated attacker could enter shell commands into some input fields that are executed with root privileges."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/en/advisories/VDE-2021-047",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en/advisories/VDE-2021-047"
}
]
},
"source": {
"advisory": "VDE-2021-047",
"defect": [
"CERT@VDE#64027"
],
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink