mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 09:41:31 +00:00
118 lines
3.3 KiB
JSON
118 lines
3.3 KiB
JSON
|
{
|
||
|
|
"id": "CVE-2021-31004",
|
||
|
|
"sourceIdentifier": "cve@mitre.org",
|
||
|
|
"published": "2021-08-24T19:15:24.613",
|
||
|
|
"lastModified": "2022-05-31T21:38:37.327",
|
||
|
|
"vulnStatus": "Analyzed",
|
||
|
|
"descriptions": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "A race condition was addressed with improved locking. This issue is fixed in macOS Monterey 12.0.1, macOS Big Sur 11.5. An application may be able to gain elevated privileges."
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"lang": "es",
|
||
|
|
"value": "Se ha solucionado una condici\u00f3n de carrera con un bloqueo mejorado. Este problema se ha solucionado en macOS Monterey 12.0.1, macOS Big Sur 11.5. Una aplicaci\u00f3n puede ser capaz de obtener privilegios elevados."
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"metrics": {
|
||
|
|
"cvssMetricV31": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"cvssData": {
|
||
|
|
"version": "3.1",
|
||
|
|
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
|
||
|
|
"attackVector": "LOCAL",
|
||
|
|
"attackComplexity": "HIGH",
|
||
|
|
"privilegesRequired": "NONE",
|
||
|
|
"userInteraction": "REQUIRED",
|
||
|
|
"scope": "UNCHANGED",
|
||
|
|
"confidentialityImpact": "HIGH",
|
||
|
|
"integrityImpact": "HIGH",
|
||
|
|
"availabilityImpact": "HIGH",
|
||
|
|
"baseScore": 7.0,
|
||
|
|
"baseSeverity": "HIGH"
|
||
|
|
},
|
||
|
|
"exploitabilityScore": 1.0,
|
||
|
|
"impactScore": 5.9
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"cvssMetricV2": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"cvssData": {
|
||
|
|
"version": "2.0",
|
||
|
|
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
|
||
|
|
"accessVector": "NETWORK",
|
||
|
|
"accessComplexity": "HIGH",
|
||
|
|
"authentication": "NONE",
|
||
|
|
"confidentialityImpact": "PARTIAL",
|
||
|
|
"integrityImpact": "PARTIAL",
|
||
|
|
"availabilityImpact": "PARTIAL",
|
||
|
|
"baseScore": 5.1
|
||
|
|
},
|
||
|
|
"baseSeverity": "MEDIUM",
|
||
|
|
"exploitabilityScore": 4.9,
|
||
|
|
"impactScore": 6.4,
|
||
|
|
"acInsufInfo": false,
|
||
|
|
"obtainAllPrivilege": false,
|
||
|
|
"obtainUserPrivilege": false,
|
||
|
|
"obtainOtherPrivilege": false,
|
||
|
|
"userInteractionRequired": true
|
||
|
|
}
|
||
|
|
]
|
||
|
|
},
|
||
|
|
"weaknesses": [
|
||
|
|
{
|
||
|
|
"source": "nvd@nist.gov",
|
||
|
|
"type": "Primary",
|
||
|
|
"description": [
|
||
|
|
{
|
||
|
|
"lang": "en",
|
||
|
|
"value": "CWE-362"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"configurations": [
|
||
|
|
{
|
||
|
|
"nodes": [
|
||
|
|
{
|
||
|
|
"operator": "OR",
|
||
|
|
"negate": false,
|
||
|
|
"cpeMatch": [
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:*",
|
||
|
|
"versionStartIncluding": "11.0",
|
||
|
|
"versionEndExcluding": "11.5",
|
||
|
|
"matchCriteriaId": "AE66C45C-B3D7-444B-AE70-8EF7A380295E"
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"vulnerable": true,
|
||
|
|
"criteria": "cpe:2.3:o:apple:macos:12.0.0:*:*:*:*:*:*:*",
|
||
|
|
"matchCriteriaId": "255504D8-BE6E-4378-AB81-C65970EB6408"
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|
||
|
|
],
|
||
|
|
"references": [
|
||
|
|
{
|
||
|
|
"url": "https://support.apple.com/en-us/HT212602",
|
||
|
|
"source": "cve@mitre.org",
|
||
|
|
"tags": [
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
},
|
||
|
|
{
|
||
|
|
"url": "https://support.apple.com/en-us/HT212869",
|
||
|
|
"source": "cve@mitre.org",
|
||
|
|
"tags": [
|
||
|
|
"Vendor Advisory"
|
||
|
|
]
|
||
|
|
}
|
||
|
|
]
|
||
|
|
}
|