admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2021/32xxx/CVE-2021-32530.json
CVE Team 81ee999124
"-Synchronized-Data."
2021-07-22 11:00:58 +00:00

95 lines
2.9 KiB
JSON
Raw Blame History

{
"CVE_data_meta": {
"AKA": "TWCERT/CC",
"ASSIGNER": "cve@cert.org.tw",
"DATE_PUBLIC": "2021-07-07T12:12:00.000Z",
"ID": "CVE-2021-32530",
"STATE": "PUBLIC",
"TITLE": "QSAN XEVO - Command Injection Following via Array function"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "XEVO",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_value": "1.2.0"
}
]
}
}
]
},
"vendor_name": "QSAN"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated attackers to execute arbitrary commands via status parameter. The referred vulnerability has been solved with the updated version of QSAN XEVO v2.1.0."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.twcert.org.tw/tw/cp-132-4886-d3b14-1.html",
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-4886-d3b14-1.html"
}
]
},
"solution": [
{
"lang": "eng",
"value": "QSAN XEVO v2.1.0"
}
],
"source": {
"advisory": "TVN-202104035",
"discovery": "EXTERNAL"
}
}
Reference in New Issue View Git Blame Copy Permalink