admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2021/CVE-2021-292xx/CVE-2021-29215.json
René Helmke 7791f18b51 bootstrap
2023-05-16 16:09:41 +02:00

132 lines
4.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2021-29215",
"sourceIdentifier": "security-alert@hpe.com",
"published": "2022-01-18T17:15:08.267",
"lastModified": "2022-01-26T16:11:04.783",
"vulnStatus": "Analyzed",
"descriptions": [
{
"lang": "en",
"value": "A potential security vulnerability in HPE Ezmeral Data Fabric that may allow a remote access restriction bypass in the TEZ MapR ecosystem component was discovered in version(s): Prior to Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; prior to Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; prior to Tez-0.9.2: mapr-tez-0.9.2.0.201907081043-1.noarch. HPE has provided software updates to resolve the vulnerability in the TEZ MapR ecosystem component in HPE Ezmeral Data Fabric."
},
{
"lang": "es",
"value": "Se ha detectado una posible vulnerabilidad de seguridad en HPE Ezmeral Data Fabric que puede permitir una omisi\u00f3n de restricci\u00f3n de acceso remoto en el componente del ecosistema TEZ MapR en las versiones Anteriores a Tez-0.8: mapr-tez-0.8.201907081100-1.noarch; anteriores a Tez-0.9: mapr-tez-0.9.201907090334-1.noarch; anteriores a Tez-0.9.2: mapr-tez-0.9.2.0.201907081043-1.noarch. HPE ha proporcionado actualizaciones de software para resolver la vulnerabilidad en el componente del ecosistema TEZ MapR en HPE Ezmeral Data Fabric"
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"operator": "AND",
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hpe:tez:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.8",
"versionEndIncluding": "0.8.201907081100-1.noarch",
"matchCriteriaId": "4FBA9289-6DB0-4AF4-AD39-AB3762607474"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hpe:tez:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.9",
"versionEndExcluding": "0.9.201907090334-1.noarch",
"matchCriteriaId": "7F7DF1E5-8DEB-454F-A00F-DE0AEE3D884D"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:hpe:tez:*:*:*:*:*:*:*:*",
"versionStartIncluding": "0.9.2",
"versionEndIncluding": "0.9.2.0.201907081043-1.noarch",
"matchCriteriaId": "BFFC8A68-7DCB-4F73-A158-543CE9AB6ECF"
}
]
},
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": false,
"criteria": "cpe:2.3:a:hpe:ezmeral_data_fabric:-:*:*:*:*:*:*:*",
"matchCriteriaId": "F5BCF94C-4525-43AB-AFE1-8840F8C21A6F"
}
]
}
]
}
],
"references": [
{
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbez04196en_us",
"source": "security-alert@hpe.com",
"tags": [
"Vendor Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink