From 6e1ae07a28d4318b5beca0f903edae99f12dc9e2 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Fri, 25 Mar 2022 15:52:34 +0100 Subject: [PATCH 01/10] First three --- review_set/2021/26xxx/CVE-2021-26471.json | 406 ++++++++++------------ review_set/2021/26xxx/CVE-2021-26472.json | 405 ++++++++++----------- review_set/2021/26xxx/CVE-2021-26473.json | 406 ++++++++++------------ 3 files changed, 563 insertions(+), 654 deletions(-) diff --git a/review_set/2021/26xxx/CVE-2021-26471.json b/review_set/2021/26xxx/CVE-2021-26471.json index 295be2075b24..955cdbf3421d 100644 --- a/review_set/2021/26xxx/CVE-2021-26471.json +++ b/review_set/2021/26xxx/CVE-2021-26471.json @@ -1,225 +1,195 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "en", - "value": "Addional research by Frank Breedijk" - } - ], - "datePublic": "2021-07-07T00:00:00", - "descriptions": [ - { - "lang": "en", - "value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-26471", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000" + }, + "title": "Unauthenticated remote command execution in Vembu products", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-78", + "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "type": "CWE" + } + ] + } + ], + "impacts": [ + { + "capecId": "CAPEC-88", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-88 OS Command Injection" + } + ] + } + ], + "affected": [ + { + "vendor": "Vembu", + "product": "VembuBDR", + "versions": [ + { + "status": "affected", + "version": "3.5.0.0" + }, + { + "status": "affected", + "version": "3.7.0" + }, + { + "status": "affected", + "version": "3.8.0" + }, + { + "status": "affected", + "version": "3.9.0" + }, + { + "status": "affected", + "version": "3.9.0 update 1" + }, + { + "status": "affected", + "version": "3.9.1 update 1" + }, + { + "status": "affected", + "version": "4.0.0" }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cves/CVE-2021-26471/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://www.wbsec.nl/vembu" - } - ], - "source": { - "advisory": "DIVD-2020-00011", - "discovery": "EXTERNAL" + { + "status": "affected", + "version": "4.0.1" }, - "title": "Unauthenticated remote command execution in Vembu products", - "x_generator": { - "engine": "Vulnogram 0.0.9" + { + "status": "affected", + "version": "4.0.2" }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "DATE_PUBLIC": "2021-07-07T10:49:00.000Z", - "ID": "CVE-2021-26471", - "STATE": "PUBLIC", - "TITLE": "Unauthenticated remote command execution in Vembu products" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "eng", - "value": "Addional research by Frank Breedijk" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/cves/CVE-2021-26471/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cves/CVE-2021-26471/" - }, - { - "name": "https://csirt.divd.nl/cases/DIVD-2020-00011/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/" - }, - { - "name": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/" - }, - { - "name": "https://www.wbsec.nl/vembu", - "refsource": "CONFIRM", - "url": "https://www.wbsec.nl/vembu" - } - ] - }, - "source": { - "advisory": "DIVD-2020-00011", - "discovery": "EXTERNAL" - } + { + "status": "affected", + "version": "4.1.0" + }, + { + "status": "affected", + "version": "4.2.0" + }, + { + "status": "affected", + "version": "4.2.0.1" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "VembuOffsiteDR", + "versions": [ + { + "status": "affected", + "version": "4.2.0" + }, + { + "status": "affected", + "version": "4.2.0.1" + } + ], + "defaultStatus": "unknown" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\n\n\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands.\n\n\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\n\n\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1, the http API located at /sgwebservice_o.php accepts a command argument. Using this command argument an unauthenticated attacker can execute arbitrary shell commands.\n\n
\n\n" } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/cves/CVE-2021-26471/", + "tags": [ + "technical-description" + ] + }, + { + "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://www.wbsec.nl/vembu", + "tags": [ + "product" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" + } + } + ], + "source": { + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + }, + { + "lang": "en", + "value": "Additional research by Frank Breedijk of DIVD", + "type": "analyst" } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-26471", - "datePublished": "2021-07-07T00:00:00", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ] + } + } } \ No newline at end of file diff --git a/review_set/2021/26xxx/CVE-2021-26472.json b/review_set/2021/26xxx/CVE-2021-26472.json index 0cd809415567..188f994141e6 100644 --- a/review_set/2021/26xxx/CVE-2021-26472.json +++ b/review_set/2021/26xxx/CVE-2021-26472.json @@ -1,225 +1,194 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "en", - "value": "Addional research by Frank Breedijk" - } - ], - "datePublic": "2021-07-07T00:00:00", - "descriptions": [ - { - "lang": "en", - "value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 10.0, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-26472", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000" + }, + "title": "Unauthenticated remote command execution with SYSTEM privileges in Vembu products", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-78", + "description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')", + "type": "CWE" + } + ] + } + ], + "impacts": [ + { + "capecId": "CAPEC-88", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-88 OS Command Injection" + } + ] + } + ], + "affected": [ + { + "vendor": "Vembu", + "product": "VembuBDR", + "versions": [ + { + "status": "affected", + "version": "3.5.0.0" + }, + { + "status": "affected", + "version": "3.7.0" + }, + { + "status": "affected", + "version": "3.8.0" + }, + { + "status": "affected", + "version": "3.9.0" + }, + { + "status": "affected", + "version": "3.9.0 update 1" + }, + { + "status": "affected", + "version": "3.9.1 update 1" + }, + { + "status": "affected", + "version": "4.0.0" }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://www.wbsec.nl/vembu" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cves/CVE-2021-26472/" - } - ], - "source": { - "advisory": "DIVD-2020-00011", - "discovery": "EXTERNAL" + { + "status": "affected", + "version": "4.0.1" }, - "title": "Unauthenticated remote command execution with SYSTEM privileges in Vembu products", - "x_generator": { - "engine": "Vulnogram 0.0.9" + { + "status": "affected", + "version": "4.0.2" }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "DATE_PUBLIC": "2021-07-07T10:49:00.000Z", - "ID": "CVE-2021-26472", - "STATE": "PUBLIC", - "TITLE": "Unauthenticated remote command execution with SYSTEM privileges in Vembu products" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "eng", - "value": "Addional research by Frank Breedijk" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 10, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/cases/DIVD-2020-00011/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/" - }, - { - "name": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/" - }, - { - "name": "https://www.wbsec.nl/vembu", - "refsource": "CONFIRM", - "url": "https://www.wbsec.nl/vembu" - }, - { - "name": "https://csirt.divd.nl/cves/CVE-2021-26472/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cves/CVE-2021-26472/" - } - ] - }, - "source": { - "advisory": "DIVD-2020-00011", - "discovery": "EXTERNAL" - } + { + "status": "affected", + "version": "4.1.0" + }, + { + "status": "affected", + "version": "4.2.0" + }, + { + "status": "affected", + "version": "4.2.0.1" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "VembuOffsiteDR", + "versions": [ + { + "status": "affected", + "version": "4.2.0" + }, + { + "status": "affected", + "version": "4.2.0.1" + } + ], + "defaultStatus": "unknown" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n" } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/cves/CVE-2021-26472/", + "tags": [ + "technical-description" + ] + }, + { + "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://www.wbsec.nl/vembu", + "tags": [ + "product" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" + } + } + ], "source": { + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + }, + { + "lang": "en", + "value": "Additional research by Frank Breedijk of DIVD", + "type": "analyst" } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-26472", - "datePublished": "2021-07-07T00:00:00", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ] + } + } } \ No newline at end of file diff --git a/review_set/2021/26xxx/CVE-2021-26473.json b/review_set/2021/26xxx/CVE-2021-26473.json index fc6f173ca100..0e5beaee9836 100644 --- a/review_set/2021/26xxx/CVE-2021-26473.json +++ b/review_set/2021/26xxx/CVE-2021-26473.json @@ -1,225 +1,195 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "en", - "value": "Addional research by Frank Breedijk" - } - ], - "datePublic": "2021-07-07T00:00:00", - "descriptions": [ - { - "lang": "en", - "value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-26473", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000" + }, + "title": "Unauthenticated arbitrary file upload and command execution in Vembu products", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-434", + "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", + "type": "CWE" + } + ] + } + ], + "impacts": [ + { + "capecId": "CAPEC-253", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-253 Remote Code Inclusion" + } + ] + } + ], + "affected": [ + { + "vendor": "Vembu", + "product": "VembuBDR", + "versions": [ + { + "status": "affected", + "version": "3.5.0.0" + }, + { + "status": "affected", + "version": "3.7.0" + }, + { + "status": "affected", + "version": "3.8.0" + }, + { + "status": "affected", + "version": "3.9.0" + }, + { + "status": "affected", + "version": "3.9.0 update 1" + }, + { + "status": "affected", + "version": "3.9.1 update 1" + }, + { + "status": "affected", + "version": "4.0.0" }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://www.wbsec.nl/vembu" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cves/CVE-2021-26473/" - } - ], - "source": { - "advisory": "DIVD-2020-00011", - "discovery": "EXTERNAL" + { + "status": "affected", + "version": "4.0.1" }, - "title": "Unauthenticated arbitrary file upload and command execution in Vembu products", - "x_generator": { - "engine": "Vulnogram 0.0.9" + { + "status": "affected", + "version": "4.0.2" }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "DATE_PUBLIC": "2021-07-07T10:49:00.000Z", - "ID": "CVE-2021-26473", - "STATE": "PUBLIC", - "TITLE": "Unauthenticated arbitrary file upload and command execution in Vembu products" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "eng", - "value": "Addional research by Frank Breedijk" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/cases/DIVD-2020-00011/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/" - }, - { - "name": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/" - }, - { - "name": "https://www.wbsec.nl/vembu", - "refsource": "CONFIRM", - "url": "https://www.wbsec.nl/vembu" - }, - { - "name": "https://csirt.divd.nl/cves/CVE-2021-26473/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cves/CVE-2021-26473/" - } - ] - }, - "source": { - "advisory": "DIVD-2020-00011", - "discovery": "EXTERNAL" - } + { + "status": "affected", + "version": "4.1.0" + }, + { + "status": "affected", + "version": "4.2.0" + }, + { + "status": "affected", + "version": "4.2.0.1" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "VembuOffsiteDR", + "versions": [ + { + "status": "affected", + "version": "4.2.0" + }, + { + "status": "affected", + "version": "4.2.0.1" + } + ], + "defaultStatus": "unknown" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n" } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/cves/CVE-2021-26473/", + "tags": [ + "technical-description" + ] + }, + { + "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://www.wbsec.nl/vembu", + "tags": [ + "product" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 10, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" + } + } + ], + "source": { + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + }, + { + "lang": "en", + "value": "Additional research by Frank Breedijk of DIVD", + "type": "analyst" } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-26473", - "datePublished": "2021-07-07T00:00:00", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ] + } + } } \ No newline at end of file From bf9e8e3b884fcc27bbd784aff9bd131d5a0e5744 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Fri, 25 Mar 2022 16:33:28 +0100 Subject: [PATCH 02/10] CVE-2021-26474 --- review_set/2021/26xxx/CVE-2021-26474.json | 1095 ++++++++++++++++----- 1 file changed, 874 insertions(+), 221 deletions(-) diff --git a/review_set/2021/26xxx/CVE-2021-26474.json b/review_set/2021/26xxx/CVE-2021-26474.json index a83192527b11..6872537fe109 100644 --- a/review_set/2021/26xxx/CVE-2021-26474.json +++ b/review_set/2021/26xxx/CVE-2021-26474.json @@ -1,225 +1,878 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "en", - "value": "Addional research by Frank Breedijk" - } - ], - "datePublic": "2021-07-07T00:00:00", - "descriptions": [ - { - "lang": "en", - "value": "Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery (Other products or versions of products in this family may be affected too.)" - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 8.6, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://www.wbsec.nl/vembu" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cves/CVE-2021-26474/" - } - ], - "source": { - "advisory": "DIVD-2020-00011", - "discovery": "EXTERNAL" - }, - "title": "UNAUTHENTICATED SERVER SIDE REQUEST FORGERY IN VEMBU PRODUCTS", - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "DATE_PUBLIC": "2021-07-07T10:49:00.000Z", - "ID": "CVE-2021-26474", - "STATE": "PUBLIC", - "TITLE": "UNAUTHENTICATED SERVER SIDE REQUEST FORGERY IN VEMBU PRODUCTS" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "eng", - "value": "Addional research by Frank Breedijk" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery (Other products or versions of products in this family may be affected too.)" - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 8.6, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/cases/DIVD-2020-00011/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/" - }, - { - "name": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/" - }, - { - "name": "https://www.wbsec.nl/vembu", - "refsource": "CONFIRM", - "url": "https://www.wbsec.nl/vembu" - }, - { - "name": "https://csirt.divd.nl/cves/CVE-2021-26474/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cves/CVE-2021-26474/" - } - ] - }, - "source": { - "advisory": "DIVD-2020-00011", - "discovery": "EXTERNAL" - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-26474", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000" + }, + "title": "Unauthenticated server side request forgery in Vembu Products", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-918", + "description": "CWE-918 Server-Side Request Forgery (SSRF)", + "type": "CWE" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-26474", - "datePublished": "2021-07-07T00:00:00", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-664", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-664 Server Side Request Forgery" + } + ] + } + ], + "affected": [ + { + "vendor": "Vembu", + "product": "VembuBDR", + "versions": [ + { + "status": "affected", + "version": "3.5.0.0" + }, + { + "status": "affected", + "version": "3.7.0" + }, + { + "status": "affected", + "version": "3.8.0" + }, + { + "status": "affected", + "version": "3.9.0" + }, + { + "status": "affected", + "version": "3.9.0 update 1" + }, + { + "status": "affected", + "version": "3.9.1 update 1" + }, + { + "status": "affected", + "version": "4.0.0" + }, + { + "status": "affected", + "version": "4.0.1" + }, + { + "status": "affected", + "version": "4.0.2" + }, + { + "status": "affected", + "version": "4.1.0" + }, + { + "status": "affected", + "version": "4.2.0" + }, + { + "status": "affected", + "version": "4.2.0.1" + }, + { + "status": "affected", + "version": "6.1.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "360DR", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "BackSpace", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "BackupService", + "versions": [ + { + "status": "affected", + "version": "5.2.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "BackupSolution", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "BaltnetaOnlineBackup", + "versions": [ + { + "status": "affected", + "version": "4.1.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "ClearPointBackup", + "versions": [ + { + "status": "affected", + "version": "4.4.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "CloudStor", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "CloudStore", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "CtrlSDataAssurance", + "versions": [ + { + "status": "affected", + "version": "3.5.0.0" + }, + { + "status": "affected", + "version": "4.2.0" + }, + { + "status": "affected", + "version": "4.2.0.0" + }, + { + "status": "affected", + "version": "4.4.0.0" + }, + { + "status": "affected", + "version": "4.4.2" + }, + { + "status": "affected", + "version": "4.5.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "DataAddicts", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "DataBackup", + "versions": [ + { + "status": "affected", + "version": "4.3.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "DataCrib", + "versions": [ + { + "status": "affected", + "version": "5.2.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "DataVault", + "versions": [ + { + "status": "affected", + "version": "5.1.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "DBS", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "EclipseBaaS", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "EnklareBackup", + "versions": [ + { + "status": "affected", + "version": "5.1.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "FastBackup", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "Guardian", + "versions": [ + { + "status": "affected", + "version": "4.4.0" + }, + { + "status": "affected", + "version": "4.4.0.0" + }, + { + "status": "affected", + "version": "5.1.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "HotlinkBackup", + "versions": [ + { + "status": "affected", + "version": "4.4.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "IronVault", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "iwksbackup", + "versions": [ + { + "status": "affected", + "version": "5.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "Level365OnlineBackup", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "LocalTel_RDS", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "MBCBackup", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "Netbackup", + "versions": [ + { + "status": "affected", + "version": "5.2.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "NetrepidHostedBackups", + "versions": [ + { + "status": "affected", + "version": "4.4.1" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "OffsiteVAULT", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "OnlineBackup_Client", + "versions": [ + { + "status": "affected", + "version": "4.4.0" + }, + { + "status": "affected", + "version": "4.4.0.0" + }, + { + "status": "affected", + "version": "5.1.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "OnyxSync", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "Opusbackup", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "P2VOnlineBackup", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "ProdigyBackup", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "QloudwiseBackup", + "versions": [ + { + "status": "affected", + "version": "4.4.2" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "RAKVault", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "ReflexBackups", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "RemoteDataRecovery", + "versions": [ + { + "status": "affected", + "version": "5.1.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "saf-gate", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "SamcoStore", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "StoreGrid", + "versions": [ + { + "status": "affected", + "version": "3.1.0.0" + }, + { + "status": "affected", + "version": "3.5.0.0" + }, + { + "status": "affected", + "version": "4.0.0.0" + }, + { + "status": "affected", + "version": "4.2.1" + }, + { + "status": "affected", + "version": "4.2.1.0" + }, + { + "status": "affected", + "version": "4.4.0" + }, + { + "status": "affected", + "version": "4.4.0.0" + }, + { + "status": "affected", + "version": "4.4.1" + }, + { + "status": "affected", + "version": "4.4.1.0" + }, + { + "status": "affected", + "version": "4.5.0" + }, + { + "status": "affected", + "version": "5.0.0" + }, + { + "status": "affected", + "version": "5.1.0" + }, + { + "status": "affected", + "version": "5.2.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "StoreSafeDC", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "StorNet", + "versions": [ + { + "status": "affected", + "version": "4.4.0" + }, + { + "status": "affected", + "version": "5.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "STPOffsite", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "Syntax", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "TBITBackup", + "versions": [ + { + "status": "affected", + "version": "5.1.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "TechNetBackup", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "TheDataVault", + "versions": [ + { + "status": "affected", + "version": "4.5.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "TitanBackup", + "versions": [ + { + "status": "affected", + "version": "5.1.0" + }, + { + "status": "affected", + "version": "5.2.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "TruStor", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + }, + { + "status": "affected", + "version": "3.5.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "UndergroundBackups", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "VELOCIsecure", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "VembuOffsiteDR", + "versions": [ + { + "status": "affected", + "version": "4.2.0.1" + }, + { + "status": "affected", + "version": "4.2.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "WrightOnline", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "XpressSTOR", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + }, + { + "vendor": "Vembu", + "product": "ZipData", + "versions": [ + { + "status": "affected", + "version": "4.4.0.0" + } + ], + "defaultStatus": "unknown" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/cves/CVE-2021-26474/", + "tags": [ + "technical-description" + ] + }, + { + "url": "https://csirt.divd.nl/cases/DIVD-2020-00011/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/2021/05/11/Vembu-zero-days/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://www.wbsec.nl/vembu", + "tags": [ + "product" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 8.6, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N" + } + } + ], + "source": { + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + }, + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + }, + { + "lang": "en", + "value": "Additional research by Frank Breedijk of DIVD", + "type": "analyst" + } + ] + } + } } \ No newline at end of file From d41e69805d01c7384ee079c5830314b66485e2c0 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Fri, 25 Mar 2022 10:48:53 +0100 Subject: [PATCH 03/10] CVE-2021-26473 From 5b3860ba9f16424a18c0a0f6d6172241e57f8412 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Mon, 28 Mar 2022 17:32:41 +0200 Subject: [PATCH 04/10] Kaseya --- review_set/2021/30xxx/CVE-2021-30116.json | 365 ++++++++++----------- review_set/2021/30xxx/CVE-2021-30117.json | 365 ++++++++++----------- review_set/2021/30xxx/CVE-2021-30118.json | 354 ++++++++------------- review_set/2021/30xxx/CVE-2021-30119.json | 340 ++++++++------------ review_set/2021/30xxx/CVE-2021-30120.json | 327 ++++++++----------- review_set/2021/30xxx/CVE-2021-30121.json | 362 +++++++++------------ review_set/2021/30xxx/CVE-2021-30201.json | 367 +++++++++------------- 7 files changed, 1029 insertions(+), 1451 deletions(-) diff --git a/review_set/2021/30xxx/CVE-2021-30116.json b/review_set/2021/30xxx/CVE-2021-30116.json index 67b24c581446..4100c754b42a 100644 --- a/review_set/2021/30xxx/CVE-2021-30116.json +++ b/review_set/2021/30xxx/CVE-2021-30116.json @@ -1,211 +1,162 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "en", - "value": "Additional research by Frank Breedijk" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 10.0, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/07/04/Kaseya-Case-Update-2/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689-Important-Notice-July-2nd-2021" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - } - ], - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - }, - "title": "Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6", - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-30116", - "STATE": "PUBLIC", - "TITLE": "Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "eng", - "value": "Additional research by Frank Breedijk" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 10, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/2021/07/04/Kaseya-Case-Update-2/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/07/04/Kaseya-Case-Update-2/" - }, - { - "name": "https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689-Important-Notice-July-2nd-2021", - "refsource": "CONFIRM", - "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689-Important-Notice-July-2nd-2021" - }, - { - "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-30116", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Unauthenticated credential leak and business logic flaw in Kaseya VSA <= v9.5.6", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-522", + "description": "CWE-522 Insufficiently Protected Credentials", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-30116", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-115", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-115 Authentication Bypass" + } + ] + } + ], + "affected": [ + { + "vendor": "Kaseya", + "product": "Kaseya VSA on premise", + "versions": [ + { + "status": "affected", + "version": "v9.0", + "lessThanOrEqual": "v9.5.6" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021.\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Kaseya VSA before 9.5.7 allows credential disclosure, as exploited in the wild in July 2021.
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/2021/07/04/Kaseya-Case-Update-2/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/4403440684689-Important-Notice-July-2nd-2021", + "tags": [ + "vendor-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" + } + } + ], + "configurations": [ + { + "lang": "en", + "value": "On premise version only", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "On premise version only" + } + ] + } + ], + "exploits": [ + { + "lang": "en", + "value": "Exploited in the wild", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Exploited in the wild" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + }, + { + "lang": "en", + "value": "Additional research by Frank Breedijk of DIVD", + "type": "analyst" + } + ], + "source": { + "advisory": "DIVD-2021-00011", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file diff --git a/review_set/2021/30xxx/CVE-2021-30117.json b/review_set/2021/30xxx/CVE-2021-30117.json index 72314a9d05b3..461505f009d8 100644 --- a/review_set/2021/30xxx/CVE-2021-30117.json +++ b/review_set/2021/30xxx/CVE-2021-30117.json @@ -1,207 +1,166 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "en", - "value": "Additional research by Frank Breedijk" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "SQL injection exists in Kaseya VSA before 9.5.6." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_MISC" - ], - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019966738-9-5-6-Feature-Release-8-May-2021" - } - ], - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "UNKNOWN" - }, - "title": "Authenticated SQL injection in Kaseya VSA < v9.5.6", - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "AKA": "", - "ASSIGNER": "cve@mitre.org", - "DATE_PUBLIC": "", - "ID": "CVE-2021-30117", - "STATE": "PUBLIC", - "TITLE": "Authenticated SQL injection in Kaseya VSA < v9.5.6" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "configuration": [], - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "eng", - "value": "Additional research by Frank Breedijk" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "SQL injection exists in Kaseya VSA before 9.5.6." - } - ] - }, - "exploit": [], - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", - "refsource": "MISC", - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "name": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019966738-9-5-6-Feature-Release-8-May-2021", - "refsource": "CONFIRM", - "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019966738-9-5-6-Feature-Release-8-May-2021" - } - ] - }, - "solution": [], - "source": { - "advisory": "DIVD-2021-00011", - "defect": [], - "discovery": "UNKNOWN" - }, - "work_around": [] + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-30117", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Authenticated SQL injection in Kaseya VSA < v9.5.6", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-89", + "description": "CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-30117", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-66", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-66 SQL Injection" + } + ] + } + ], + "affected": [ + { + "vendor": "Kaseya", + "product": "Kaseya VSA", + "versions": [ + { + "status": "affected", + "version": "v9.0", + "lessThan": "v9.5.6" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Authenticated SQL injection exists in Kaseya VSA before 9.5.6.\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Authenticated SQL injection exists in Kaseya VSA before 9.5.6.
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019966738-9-5-6-Feature-Release-8-May-2021", + "tags": [ + "vendor-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 7.2, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" + } + }, + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "In combination with CVE-2021-30116" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" + } + } + ], + "configurations": [ + { + "lang": "en", + "value": "Both the SaaS and on Premise version are vulnerable", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Both the SaaS and on Premise version are vulnerable" + } + ] + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + }, + { + "lang": "en", + "value": "Additional research by Frank Breedijk of DIVD", + "type": "analyst" + } + ], + "source": { + "advisory": "DIVD-2021-00011", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file diff --git a/review_set/2021/30xxx/CVE-2021-30118.json b/review_set/2021/30xxx/CVE-2021-30118.json index ae66944fdf68..c7495f3781de 100644 --- a/review_set/2021/30xxx/CVE-2021-30118.json +++ b/review_set/2021/30xxx/CVE-2021-30118.json @@ -1,222 +1,140 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "en", - "value": "Additional research by Frank Breedijk" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "Kaseya VSA before 9.5.5 allows remote code execution." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/CVE-2021-30118" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/DIVD-2021-00011" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019054377-9-5-5-Feature-Release-10-April-2021" - } - ], - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "UNKNOWN" - }, - "title": "Unauthenticated Remote Code Execution in Kaseya VSA < v9.5.5", - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-30118", - "STATE": "PUBLIC", - "TITLE": "Unauthenticated Remote Code Execution in Kaseya VSA < v9.5.5" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "eng", - "value": "Additional research by Frank Breedijk" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Kaseya VSA before 9.5.5 allows remote code execution." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.8, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "name": "https://csirt.divd.nl/CVE-2021-30118", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/CVE-2021-30118" - }, - { - "name": "https://csirt.divd.nl/DIVD-2021-00011", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/DIVD-2021-00011" - }, - { - "name": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019054377-9-5-5-Feature-Release-10-April-2021", - "refsource": "CONFIRM", - "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019054377-9-5-5-Feature-Release-10-April-2021" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "UNKNOWN" - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-30118", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Unauthenticated Remote Code Execution in Kaseya VSA < v9.5.5", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "description": "n/a", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-30118", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-175", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-175 Code Inclusion" + } + ] + } + ], + "affected": [ + { + "vendor": "Kaseya", + "product": "Kasey VSA", + "versions": [ + { + "status": "affected", + "version": "n/a" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Kaseya VSA before 9.5.5 allows remote code execution.\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Kaseya VSA before 9.5.5 allows remote code execution.
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2021-30118", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/DIVD-2021-00011", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019054377-9-5-5-Feature-Release-10-April-2021", + "tags": [ + "release-notes" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.8, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + }, + { + "lang": "en", + "value": "Additional research by Frank Breedijk of DIVD", + "type": "analyst" + } + ], + "source": { + "advisory": "DIVD-2021-00011", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file diff --git a/review_set/2021/30xxx/CVE-2021-30119.json b/review_set/2021/30xxx/CVE-2021-30119.json index c053f6e15fea..192999745451 100644 --- a/review_set/2021/30xxx/CVE-2021-30119.json +++ b/review_set/2021/30xxx/CVE-2021-30119.json @@ -1,211 +1,137 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "en", - "value": "Additional research by Frank Breedijk and Hidde Smit" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "Cross Site Scripting (XSS) exists in Kaseya VSA before 9.5.7." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/DIVD-2021-00011" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/CVE-2021-30119" - } - ], - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - }, - "title": "Authenticated Authenticated reflective XSS in Kaseya VSA <= v9.5.6", - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-30119", - "STATE": "PUBLIC", - "TITLE": "Authenticated Authenticated reflective XSS in Kaseya VSA <= v9.5.6" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "eng", - "value": "Additional research by Frank Breedijk and Hidde Smit" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Cross Site Scripting (XSS) exists in Kaseya VSA before 9.5.7." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.4, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "LOW", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "name": "https://csirt.divd.nl/DIVD-2021-00011", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/DIVD-2021-00011" - }, - { - "name": "https://csirt.divd.nl/CVE-2021-30119", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/CVE-2021-30119" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-30119", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Authenticated Authenticated reflective XSS in Kaseya VSA <= v9.5.6", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-79", + "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-30119", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-63", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-63 Cross-Site Scripting (XSS)" + } + ] + } + ], + "affected": [ + { + "vendor": "Kaseya", + "product": "Kaseya VSA", + "versions": [ + { + "status": "affected", + "version": "v9.0", + "lessThanOrEqual": "v9.5.6" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nCross Site Scripting (XSS) exists in Kaseya VSA before 9.5.7.\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\nCross Site Scripting (XSS) exists in Kaseya VSA before 9.5.7.\n\n
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "tags": [ + "vendor-advisory", + "release-notes" + ] + }, + { + "url": "https://csirt.divd.nl/DIVD-2021-00011", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2021-30119", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 5.4, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra", + "type": "finder" + }, + { + "lang": "en", + "value": "Additional research by Frank Breedijk and Hidde Smit", + "type": "analyst" + } + ], + "source": { + "advisory": "DIVD-2021-00011", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file diff --git a/review_set/2021/30xxx/CVE-2021-30120.json b/review_set/2021/30xxx/CVE-2021-30120.json index 5274644c0995..fd20bcbbcd67 100644 --- a/review_set/2021/30xxx/CVE-2021-30120.json +++ b/review_set/2021/30xxx/CVE-2021-30120.json @@ -1,203 +1,132 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "Kaseya VSA through 9.5.7 allows attackers to bypass the 2FA requirement." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.9, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csrit.divd.nl/DIVD-2021-00011" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csrit.divd.nl/CVE-2021-30120" - } - ], - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - }, - "title": "2FA bypass in Kaseya VSA <= v9.5.6", - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-30120", - "STATE": "PUBLIC", - "TITLE": "2FA bypass in Kaseya VSA <= v9.5.6" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Kaseya VSA through 9.5.7 allows attackers to bypass the 2FA requirement." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.9, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "name": "https://csrit.divd.nl/DIVD-2021-00011", - "refsource": "CONFIRM", - "url": "https://csrit.divd.nl/DIVD-2021-00011" - }, - { - "name": "https://csrit.divd.nl/CVE-2021-30120", - "refsource": "CONFIRM", - "url": "https://csrit.divd.nl/CVE-2021-30120" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-30120", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "2FA bypass in Kaseya VSA <= v9.5.6", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-287", + "description": "CWE-287 Improper Authentication", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-30120", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-115", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-115 Authentication Bypass" + } + ] + } + ], + "affected": [ + { + "vendor": "Kaseya", + "product": "Kaseya VSA", + "versions": [ + { + "status": "affected", + "version": "v9.0", + "lessThanOrEqual": "v9.5.6" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nKaseya VSA through 9.5.7 allows attackers to bypass the 2FA requirement.\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\nKaseya VSA through 9.5.7 allows attackers to bypass the 2FA requirement.\n\n
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "tags": [ + "release-notes", + "vendor-advisory" + ] + }, + { + "url": "https://csrit.divd.nl/DIVD-2021-00011", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csrit.divd.nl/CVE-2021-30120", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + } + ], + "source": { + "advisory": "DIVD-2021-00011", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file diff --git a/review_set/2021/30xxx/CVE-2021-30121.json b/review_set/2021/30xxx/CVE-2021-30121.json index ea7eff5f2a3c..6c065b9a43de 100644 --- a/review_set/2021/30xxx/CVE-2021-30121.json +++ b/review_set/2021/30xxx/CVE-2021-30121.json @@ -1,211 +1,159 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "en", - "value": "Additional research by Frank Breedijk" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "Authenticated local file inclusion in Kaseya VSA < v9.5.6" - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/DIVD-2021-00011" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/CVE-2021-30121" - } - ], - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - }, - "title": "Authenticated local file inclusion in Kaseya VSA < v9.5.6", - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-30121", - "STATE": "PUBLIC", - "TITLE": "Authenticated local file inclusion in Kaseya VSA < v9.5.6" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - }, - { - "lang": "eng", - "value": "Additional research by Frank Breedijk" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Authenticated local file inclusion in Kaseya VSA < v9.5.6" - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "name": "https://csirt.divd.nl/DIVD-2021-00011", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/DIVD-2021-00011" - }, - { - "name": "https://csirt.divd.nl/CVE-2021-30121", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/CVE-2021-30121" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-30121", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Authenticated local file inclusion in Kaseya VSA < v9.5.6", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "description": "n/a", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-30121", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-251", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-251 Local Code Inclusion" + } + ] + } + ], + "affected": [ + { + "vendor": "Kaseya", + "product": "VSA", + "versions": [ + { + "status": "affected", + "version": "v9.0", + "lessThan": "v9.5.6" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nAuthenticated local file inclusion in Kaseya VSA < v9.5.6\n\n\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\n

Authenticated local file inclusion in Kaseya VSA < v9.5.6

\n\n
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/DIVD-2021-00011", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2021-30121", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "tags": [ + "release-notes", + "vendor-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" + } + }, + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "Incombination with CVE-2021-30116" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + }, + { + "lang": "en", + "value": "Additional research by Frank Breedijk of DIVD", + "type": "analyst" + } + ], + "source": { + "advisory": "DIVD-2021-00011", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file diff --git a/review_set/2021/30xxx/CVE-2021-30201.json b/review_set/2021/30xxx/CVE-2021-30201.json index c25448199f43..eea869a89681 100644 --- a/review_set/2021/30xxx/CVE-2021-30201.json +++ b/review_set/2021/30xxx/CVE-2021-30201.json @@ -1,214 +1,161 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "An XML External Entity (XXE) issue exists in Kaseya VSA before 9.5.6." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019966738-9-5-6-Feature-Release-8-May-2021" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/DIVD-2021-00011" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/CVE-2021-30201" - } - ], - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - }, - "title": "Authenticated XML External Entity vulnerability in Kaseya VSA < v9.5.6", - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-30201", - "STATE": "PUBLIC", - "TITLE": "Authenticated XML External Entity vulnerability in Kaseya VSA < v9.5.6" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An XML External Entity (XXE) issue exists in Kaseya VSA before 9.5.6." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 7.5, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/" - }, - { - "name": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019966738-9-5-6-Feature-Release-8-May-2021", - "refsource": "CONFIRM", - "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019966738-9-5-6-Feature-Release-8-May-2021" - }, - { - "name": "https://csirt.divd.nl/DIVD-2021-00011", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/DIVD-2021-00011" - }, - { - "name": "https://csirt.divd.nl/CVE-2021-30201", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/CVE-2021-30201" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00011", - "discovery": "EXTERNAL" - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-30201", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Authenticated XML External Entity vulnerability in Kaseya VSA < v9.5.6", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-611", + "description": "CWE-611 Improper Restriction of XML External Entity Reference", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-30201", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-221", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-221 XML External Entities Blowup" + } + ] + } + ], + "affected": [ + { + "vendor": "Kaseya", + "product": "VSA", + "versions": [ + { + "status": "affected", + "version": "v9.0", + "lessThan": "v9.5.6" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nAn XML External Entity (XXE) issue exists in Kaseya VSA before 9.5.6.\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\nAn XML External Entity (XXE) issue exists in Kaseya VSA before 9.5.6.\n\n
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/2021/07/07/Kaseya-Limited-Disclosure/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://helpdesk.kaseya.com/hc/en-gb/articles/360019966738-9-5-6-Feature-Release-8-May-2021", + "tags": [ + "release-notes", + "vendor-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/DIVD-2021-00011", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2021-30201", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" + } + }, + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "Combined with CVE-2021-30116" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 7.5, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + } + ], + "source": { + "advisory": "DIVD-2021-00011", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file From 7865550f4dd45955ce7a9f0752ccdcc11f889a20 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Mon, 28 Mar 2022 17:53:10 +0200 Subject: [PATCH 05/10] SmarterMail --- review_set/2021/32xxx/CVE-2021-32233.json | 240 +++++++++++---------- review_set/2021/32xxx/CVE-2021-32234.json | 245 +++++++++++----------- 2 files changed, 244 insertions(+), 241 deletions(-) diff --git a/review_set/2021/32xxx/CVE-2021-32233.json b/review_set/2021/32xxx/CVE-2021-32233.json index be8ccaebd119..70652ce9c701 100644 --- a/review_set/2021/32xxx/CVE-2021-32233.json +++ b/review_set/2021/32xxx/CVE-2021-32233.json @@ -1,119 +1,129 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "descriptions": [ - { - "lang": "en", - "value": "SmarterTools SmarterMail before Build 7776 allows XSS." - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_MISC" - ], - "url": "https://www.smartertools.com/smartermail/release-notes/current" - } - ], - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-32233", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "SmarterTools SmarterMail before Build 7776 allows XSS." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.smartertools.com/smartermail/release-notes/current", - "refsource": "MISC", - "url": "https://www.smartertools.com/smartermail/release-notes/current" - } - ] - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-32233", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "SmarterTools SmarterMail before Build 7776 allows XSS.", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-79", + "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-32233", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-63", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-63 Cross-Site Scripting (XSS)" + } + ] + } + ], + "affected": [ + { + "vendor": "Smartertools", + "product": "Smartermail", + "versions": [ + { + "status": "affected", + "version": "unknown", + "lessThan": "7776", + "versionType": "build" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "SmarterTools SmarterMail before Build 7776 allows XSS.\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "SmarterTools SmarterMail before Build 7776 allows XSS.
" + } + ] + } + ], + "references": [ + { + "url": "https://www.smartertools.com/smartermail/release-notes/current", + "tags": [ + "release-notes" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2021-32233/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/DIVD-2021-00006/" + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + } + ], + "source": { + "advisory": "CVE-2021-32233", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + } + } + } } \ No newline at end of file diff --git a/review_set/2021/32xxx/CVE-2021-32234.json b/review_set/2021/32xxx/CVE-2021-32234.json index 08ad116e246b..cdc34deabf80 100644 --- a/review_set/2021/32xxx/CVE-2021-32234.json +++ b/review_set/2021/32xxx/CVE-2021-32234.json @@ -1,130 +1,123 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "descriptions": [ - { - "lang": "en", - "value": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution." - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_MISC" - ], - "url": "https://www.smartertools.com/smartermail/release-notes/current" - }, - { - "tags": [ - "x_refsource_MISC" - ], - "url": "https://csirt.divd.nl/cases/DIVD-2021-00006/" - } - ], - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-32234", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.smartertools.com/smartermail/release-notes/current", - "refsource": "MISC", - "url": "https://www.smartertools.com/smartermail/release-notes/current" - }, - { - "name": "https://csirt.divd.nl/cases/DIVD-2021-00006/", - "refsource": "MISC", - "url": "https://csirt.divd.nl/cases/DIVD-2021-00006/" - } - ] - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-32234", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "description": "n/a", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-32234", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-175", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-175 Code Inclusion" + } + ] + } + ], + "affected": [ + { + "vendor": "SmarterTools", + "product": "SmarterMail", + "versions": [ + { + "status": "affected", + "version": "16.0", + "lessThan": "100.0.7803" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows remote code execution.
" + } + ] + } + ], + "references": [ + { + "url": "https://www.smartertools.com/smartermail/release-notes/current", + "tags": [ + "release-notes" + ] + }, + { + "url": "https://csirt.divd.nl/cases/DIVD-2021-00006/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/DIVD-2021-00006", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.1, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H" + } + } + ], + "source": { + "advisory": "DIVD-2021-00006", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + } + } + } } \ No newline at end of file From 706455cb48eab8acf7ae23aa52f06e072b8f1802 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Tue, 29 Mar 2022 14:26:32 +0200 Subject: [PATCH 06/10] unitrends --- review_set/2021/40xxx/CVE-2021-40387.json | 227 +++++++++++----------- 1 file changed, 112 insertions(+), 115 deletions(-) diff --git a/review_set/2021/40xxx/CVE-2021-40387.json b/review_set/2021/40xxx/CVE-2021-40387.json index 22d9731d74ba..871a03830fb4 100644 --- a/review_set/2021/40xxx/CVE-2021-40387.json +++ b/review_set/2021/40xxx/CVE-2021-40387.json @@ -1,119 +1,116 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "descriptions": [ - { - "lang": "en", - "value": "An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution." - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_MISC" - ], - "url": "https://csirt.divd.nl/csirt-divd-nl/cases/DIVD-2021-00014/" - } - ], - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-40387", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "An issue was discovered in the server software in Kaseya Unitrends Backup Software before 10.5.5-2. There is authenticated remote code execution." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/csirt-divd-nl/cases/DIVD-2021-00014/", - "refsource": "MISC", - "url": "https://csirt.divd.nl/csirt-divd-nl/cases/DIVD-2021-00014/" - } - ] - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-40387", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Authenticated remote corde excution in Unitrends Server < v10.5.5-2", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "description": "n/a", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-40387", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-175", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-175 Code Inclusion" + } + ] + } + ], + "affected": [ + { + "vendor": "n/a", + "product": "n/a", + "versions": [ + { + "status": "affected", + "version": "n/a" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "Authenticated remote corde excution in Unitrends Server < v10.5.5-2\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Authenticated remote corde excution in Unitrends Server < v10.5.5-2
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/csirt-divd-nl/cases/DIVD-2021-00014/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2021-40387/", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "HIGH", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 4.1, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L" + } + } + ], + "source": { + "advisory": "DIVD-2021-00014", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + } + } + } } \ No newline at end of file From 7bda3a1b69d2d700c1d34db8192b298b45ef6709 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Tue, 29 Mar 2022 14:33:15 +0200 Subject: [PATCH 07/10] SmarterMail --- review_set/2021/43xxx/CVE-2021-43977.json | 251 +++++++++++----------- 1 file changed, 125 insertions(+), 126 deletions(-) diff --git a/review_set/2021/43xxx/CVE-2021-43977.json b/review_set/2021/43xxx/CVE-2021-43977.json index 0d56b2674144..999a446d391f 100644 --- a/review_set/2021/43xxx/CVE-2021-43977.json +++ b/review_set/2021/43xxx/CVE-2021-43977.json @@ -1,130 +1,129 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "n/a", - "vendor": "n/a", - "versions": [ - { - "status": "affected", - "version": "n/a" - } - ] - } - ], - "descriptions": [ - { - "lang": "en", - "value": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS." - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "description": "n/a", - "lang": "en", - "type": "text" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "shortName": "mitre" - }, - "references": [ - { - "tags": [ - "x_refsource_MISC" - ], - "url": "https://www.smartertools.com/smartermail/release-notes/current" - }, - { - "tags": [ - "x_refsource_MISC" - ], - "url": "https://csirt.divd.nl/cases/DIVD-2021-00006/" - } - ], - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2021-43977", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://www.smartertools.com/smartermail/release-notes/current", - "refsource": "MISC", - "url": "https://www.smartertools.com/smartermail/release-notes/current" - }, - { - "name": "https://csirt.divd.nl/cases/DIVD-2021-00006/", - "refsource": "MISC", - "url": "https://csirt.divd.nl/cases/DIVD-2021-00006/" - } - ] - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2021-43977", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "mitre", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-79", + "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", + "type": "text" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", - "assignerShortName": "mitre", - "cveId": "CVE-2021-43977", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-63", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-63 Cross-Site Scripting (XSS)" + } + ] + } + ], + "affected": [ + { + "vendor": "SmarterTools", + "product": "SmarterMail", + "versions": [ + { + "status": "affected", + "version": "16.0", + "lessThanOrEqual": "100.0.7803" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "SmarterTools SmarterMail 16.x through 100.x before 100.0.7803 allows XSS.
" + } + ] + } + ], + "references": [ + { + "url": "https://www.smartertools.com/smartermail/release-notes/current", + "tags": [ + "release-notes", + "vendor-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/cases/DIVD-2021-00006/", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2021-43977" + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.6, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + } + ], + "source": { + "advisory": "DIVD-2021-00006", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + } + } + } } \ No newline at end of file From 71507371c897309e3c20de88c391884af7c274e0 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Tue, 29 Mar 2022 14:40:03 +0200 Subject: [PATCH 08/10] QlikSense --- review_set/2022/0xxx/CVE-2022-0564.json | 387 ++++++++++-------------- 1 file changed, 156 insertions(+), 231 deletions(-) diff --git a/review_set/2022/0xxx/CVE-2022-0564.json b/review_set/2022/0xxx/CVE-2022-0564.json index df8364381747..6e321ad6abcf 100644 --- a/review_set/2022/0xxx/CVE-2022-0564.json +++ b/review_set/2022/0xxx/CVE-2022-0564.json @@ -1,235 +1,160 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "Qlik Sense Enterprise on Windows", - "vendor": "Qlik Sense", - "versions": [ - { - "lessThan": "14.44.0", - "status": "affected", - "version": "14.x", - "versionType": "custom" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "This issue was discovered by Hidde Smit of DIVD. " - } - ], - "datePublic": "2022-02-21T00:00:00", - "descriptions": [ - { - "lang": "en", - "value": "A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow the attacker to compare the response time that are returned by the affected system to determine which accounts are valid user accounts. Affected systems are only vulnerable if they have LDAP configured." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "cweId": "CWE-204", - "description": "CWE-204: Observable Response Discrepancy", - "lang": "en", - "type": "CWE" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "shortName": "DIVD" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cases/DIVD-2021-00021" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/cves/CVE-2022-0564" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-November-2021-Initial-Release/ta-p/1856531" - } - ], - "solutions": [ - { - "lang": "en", - "value": "Update Qlik Sense Enterprise on Windows to version 14.44.0 or higher." - } - ], - "source": { - "advisory": "DIVD-2021-00021", - "discovery": "INTERNAL" - }, - "title": "Qlik Sense Enterprise Domain User enumeration", - "workarounds": [ - { - "lang": "en", - "value": "Disable internet-facing NTLM endpoints, e.g. internal_windows_authentication, to avoid domain enumeration." - } - ], - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "csirt@divd.nl", - "DATE_PUBLIC": "2022-02-21T14:30:00.000Z", - "ID": "CVE-2022-0564", - "STATE": "PUBLIC", - "TITLE": "Qlik Sense Enterprise Domain User enumeration" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "Qlik Sense Enterprise on Windows", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "14.x", - "version_value": "14.44.0" - } - ] - } - } - ] - }, - "vendor_name": "Qlik Sense" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "This issue was discovered by Hidde Smit of DIVD. " - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow the attacker to compare the response time that are returned by the affected system to determine which accounts are valid user accounts. Affected systems are only vulnerable if they have LDAP configured." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 5.3, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "LOW", - "integrityImpact": "NONE", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-204: Observable Response Discrepancy" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/cases/DIVD-2021-00021", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cases/DIVD-2021-00021" - }, - { - "name": "https://csirt.divd.nl/cves/CVE-2022-0564", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/cves/CVE-2022-0564" - }, - { - "name": "https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-November-2021-Initial-Release/ta-p/1856531", - "refsource": "CONFIRM", - "url": "https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-November-2021-Initial-Release/ta-p/1856531" - } - ] - }, - "solution": [ - { - "lang": "en", - "value": "Update Qlik Sense Enterprise on Windows to version 14.44.0 or higher." - } - ], - "source": { - "advisory": "DIVD-2021-00021", - "discovery": "INTERNAL" - }, - "work_around": [ - { - "lang": "en", - "value": "Disable internet-facing NTLM endpoints, e.g. internal_windows_authentication, to avoid domain enumeration." - } - ] + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2022-0564", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "datePublished": "2022-02-20T23:00:00.000Z", + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Qlik Sense Enterprise Domain User enumeration", + "datePublic": "2022-02-20T23:00:00.000Z", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-204", + "description": "CWE-204: Observable Response Discrepancy", + "type": "CWE" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "assignerShortName": "DIVD", - "cveId": "CVE-2022-0564", - "datePublished": "2022-02-21T00:00:00", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-575", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-575 Account Footprinting" + } + ] + } + ], + "affected": [ + { + "vendor": "Qlik Sense", + "product": "Qlik Sense Enterprise", + "platforms": [ + "Windows" + ], + "versions": [ + { + "status": "affected", + "version": "14.0", + "lessThan": "14.44.0", + "versionType": "custom" + } + ], + "defaultStatus": "unaffected" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nA vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow the attacker to compare the response time that are returned by the affected system to determine which accounts are valid user accounts. Affected systems are only vulnerable if they have LDAP configured.\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\n

A vulnerability in Qlik Sense Enterprise on Windows could allow an remote attacker to enumerate domain user accounts. An attacker could exploit this vulnerability by sending authentication requests to an affected system. A successful exploit could allow the attacker to compare the response time that are returned by the affected system to determine which accounts are valid user accounts. Affected systems are only vulnerable if they have LDAP configured.

" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/cases/DIVD-2021-00021", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/cves/CVE-2022-0564", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://community.qlik.com/t5/Release-Notes/Qlik-Sense-Enterprise-on-Windows-November-2021-Initial-Release/ta-p/1856531" + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 5.3, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N" + } + } + ], + "workarounds": [ + { + "lang": "en", + "value": "\nDisable internet-facing NTLM endpoints, e.g. internal_windows_authentication, to avoid domain enumeration.\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Disable internet-facing NTLM endpoints, e.g. internal_windows_authentication, to avoid domain enumeration." + } + ] + } + ], + "solutions": [ + { + "lang": "en", + "value": "\nUpdate Qlik Sense Enterprise on Windows to version 14.44.0 or higher.\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "Update Qlik Sense Enterprise on Windows to version 14.44.0 or higher." + } + ] + } + ], + "credits": [ + { + "lang": "en", + "value": "This issue was discovered by Hidde Smit of DIVD", + "type": "finder" + } + ], + "source": { + "advisory": "DIVD-2021-00021", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file From 6585d8f3b2641efdc91c5b5b68d26d33a6d8a82c Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Tue, 29 Mar 2022 14:53:41 +0200 Subject: [PATCH 09/10] SmarterTrack --- review_set/2022/24xxx/CVE-2022-24384.json | 318 ++++++++------------- review_set/2022/24xxx/CVE-2022-24385.json | 320 +++++++++------------ review_set/2022/24xxx/CVE-2022-24386.json | 321 +++++++++------------ review_set/2022/24xxx/CVE-2022-24387.json | 325 +++++++++------------- 4 files changed, 506 insertions(+), 778 deletions(-) diff --git a/review_set/2022/24xxx/CVE-2022-24384.json b/review_set/2022/24xxx/CVE-2022-24384.json index ffed0070d4d9..a8cbd8f90d1c 100644 --- a/review_set/2022/24xxx/CVE-2022-24384.json +++ b/review_set/2022/24xxx/CVE-2022-24384.json @@ -1,200 +1,126 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "SmarterTrack", - "vendor": "SmarterTools", - "versions": [ - { - "lessThan": "Build 8075", - "status": "affected", - "version": "100.x", - "versionType": "custom" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra of DIVD" - } - ], - "datePublic": "2022-03-11T00:00:00", - "descriptions": [ - { - "lang": "en", - "value": "Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "cweId": "CWE-79", - "description": "CWE-79 Cross-site Scripting (XSS)", - "lang": "en", - "type": "CWE" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "shortName": "DIVD" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/DIVD-2021-00029" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/CVE-2022-24384" - } - ], - "source": { - "advisory": "DIVD-2021-00029", - "discovery": "INTERNAL" - }, - "title": "Reflective XSS on SmarterTrack v100.0.8019.14010", - "x_generator": { - "engine": "Vulnogram 0.0.9" - }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "csirt@divd.nl", - "DATE_PUBLIC": "2022-03-11T23:00:00.000Z", - "ID": "CVE-2022-24384", - "STATE": "PUBLIC", - "TITLE": "Reflective XSS on SmarterTrack v100.0.8019.14010" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "SmarterTrack", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "100.x", - "version_value": "Build 8075" - } - ] - } - } - ] - }, - "vendor_name": "SmarterTools" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra of DIVD" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Cross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/DIVD-2021-00029", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/DIVD-2021-00029" - }, - { - "name": "https://csirt.divd.nl/CVE-2022-24384", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/CVE-2022-24384" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00029", - "discovery": "INTERNAL" - } + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2022-24384", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "datePublished": "2022-03-10T23:00:00.000Z", + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Reflective XSS on SmarterTrack v100.0.8019.14010", + "datePublic": "2022-03-10T23:00:00.000Z", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-79", + "description": "CWE-79 Cross-site Scripting (XSS)", + "type": "CWE" } + ] } - }, - "cveMetadata": { - "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "assignerShortName": "DIVD", - "cveId": "CVE-2022-24384", - "datePublished": "2022-03-11T00:00:00", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "impacts": [ + { + "capecId": "CAPEC-63", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-63 Cross-Site Scripting (XSS)" + } + ] + } + ], + "affected": [ + { + "vendor": "SmarterTools", + "product": "SmarterTrack", + "versions": [ + { + "status": "affected", + "version": "v100.0.8019.14010" + } + ], + "defaultStatus": "unknown" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nCross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\nCross-site Scripting (XSS) vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.\n\n
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/DIVD-2021-00029", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2022-24384", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + } + ], + "source": { + "advisory": "DIVD-2021-00029", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file diff --git a/review_set/2022/24xxx/CVE-2022-24385.json b/review_set/2022/24xxx/CVE-2022-24385.json index 09737e2a9964..557169763ac8 100644 --- a/review_set/2022/24xxx/CVE-2022-24385.json +++ b/review_set/2022/24xxx/CVE-2022-24385.json @@ -1,200 +1,130 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "SmarterTrack", - "vendor": "SmarterTools", - "versions": [ - { - "lessThan": "Build 8075", - "status": "affected", - "version": "100.x", - "versionType": "custom" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra of DIVD" - } - ], - "datePublic": "2022-03-11T00:00:00", - "descriptions": [ - { - "lang": "en", - "value": "A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "cweId": "CWE-425", - "description": "CWE-425 Direct Request (Forced Browsing)", - "lang": "en", - "type": "CWE" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "shortName": "DIVD" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/DIVD-2021-00029" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/CVE-2022-24385" - } - ], - "source": { - "advisory": "DIVD-2021-00029", - "discovery": "INTERNAL" - }, - "title": "Information disclosure via direct object access on SmarterTrack v100.0.8019.14010", - "x_generator": { - "engine": "Vulnogram 0.0.9" + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2022-24385", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "datePublished": "2022-03-10T23:00:00.000Z", + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Information disclosure via direct object access on SmarterTrack v100.0.8019.14010", + "datePublic": "2022-03-10T23:00:00.000Z", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-425", + "description": "CWE-425 Direct Request (Forced Browsing)", + "type": "CWE" + } + ] + } + ], + "impacts": [ + { + "descriptions": [ + { + "lang": "en", + "value": "" + } + ] + } + ], + "affected": [ + { + "vendor": "SmarterTools", + "product": "SmarterTrack", + "versions": [ + { + "status": "affected", + "version": "v100.0.8019.14010" }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "csirt@divd.nl", - "DATE_PUBLIC": "2022-03-11T23:00:00.000Z", - "ID": "CVE-2022-24385", - "STATE": "PUBLIC", - "TITLE": "Information disclosure via direct object access on SmarterTrack v100.0.8019.14010" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "SmarterTrack", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "100.x", - "version_value": "Build 8075" - } - ] - } - } - ] - }, - "vendor_name": "SmarterTools" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra of DIVD" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "A Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure This issue affects: SmarterTools SmarterTrack 100.0.8019.14010." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "NONE", - "baseScore": 6.5, - "baseSeverity": "MEDIUM", - "confidentialityImpact": "HIGH", - "integrityImpact": "NONE", - "privilegesRequired": "LOW", - "scope": "UNCHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-425 Direct Request (Forced Browsing)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/DIVD-2021-00029", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/DIVD-2021-00029" - }, - { - "name": "https://csirt.divd.nl/CVE-2022-24385", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/CVE-2022-24385" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00029", - "discovery": "INTERNAL" - } + { + "status": "affected", + "version": "8075", + "versionType": "build" } + ], + "defaultStatus": "unknown" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nA Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure \nThis issue affects: SmarterTools SmarterTrack 100.0.8019.14010.\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\nA Direct Object Access vulnerability in SmarterTools SmarterTrack leads to information disclosure
This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.\n\n
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/DIVD-2021-00029", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2022-24385", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "availabilityImpact": "NONE", + "baseScore": 6.5, + "baseSeverity": "MEDIUM", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" } - }, - "cveMetadata": { - "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "assignerShortName": "DIVD", - "cveId": "CVE-2022-24385", - "datePublished": "2022-03-11T00:00:00", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "source": { + "advisory": "DIVD-2021-00029", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file diff --git a/review_set/2022/24xxx/CVE-2022-24386.json b/review_set/2022/24xxx/CVE-2022-24386.json index 19b08fb72a55..f3cfeac74bfc 100644 --- a/review_set/2022/24xxx/CVE-2022-24386.json +++ b/review_set/2022/24xxx/CVE-2022-24386.json @@ -1,200 +1,131 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "SmarterTrack", - "vendor": "SmarterTools", - "versions": [ - { - "lessThan": "Build 8075", - "status": "affected", - "version": "100.x", - "versionType": "custom" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Discovered by Wietse Boonstra of DIVD" - } - ], - "datePublic": "2022-03-11T00:00:00", - "descriptions": [ - { - "lang": "en", - "value": "Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010." - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "cweId": "CWE-79", - "description": "CWE-79 Cross-site Scripting (XSS)", - "lang": "en", - "type": "CWE" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "shortName": "DIVD" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/DIVD-2021-00029" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/CVE-2022-24386" - } - ], - "source": { - "advisory": "DIVD-2021-00029", - "discovery": "INTERNAL" - }, - "title": "Stored XSS in SmarterTrack v100.0.8019.14010", - "x_generator": { - "engine": "Vulnogram 0.0.9" + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2022-24386", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "datePublished": "2022-03-10T23:00:00.000Z", + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "Stored XSS in SmarterTrack v100.0.8019.14010", + "datePublic": "2022-03-10T23:00:00.000Z", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-79", + "description": "CWE-79 Cross-site Scripting (XSS)", + "type": "CWE" + } + ] + } + ], + "impacts": [ + { + "capecId": "CAPEC-592", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-592 Stored XSS" + } + ] + } + ], + "affected": [ + { + "vendor": "SmarterTools", + "product": "SmarterTrack", + "versions": [ + { + "status": "affected", + "version": "8075", + "versionType": "build" }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "csirt@divd.nl", - "DATE_PUBLIC": "2022-03-11T23:00:00.000Z", - "ID": "CVE-2022-24386", - "STATE": "PUBLIC", - "TITLE": "Stored XSS in SmarterTrack v100.0.8019.14010" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "SmarterTrack", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "100.x", - "version_value": "Build 8075" - } - ] - } - } - ] - }, - "vendor_name": "SmarterTools" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Discovered by Wietse Boonstra of DIVD" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Stored XSS in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010." - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 8.8, - "baseSeverity": "HIGH", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "NONE", - "scope": "UNCHANGED", - "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-79 Cross-site Scripting (XSS)" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/DIVD-2021-00029", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/DIVD-2021-00029" - }, - { - "name": "https://csirt.divd.nl/CVE-2022-24386", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/CVE-2022-24386" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00029", - "discovery": "INTERNAL" - } + { + "status": "affected", + "version": "v100.0.8019.14010" } + ], + "defaultStatus": "unknown" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nStored XSS in SmarterTools SmarterTrack \nThis issue affects: SmarterTools SmarterTrack 100.0.8019.14010.\n\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\nStored XSS in SmarterTools SmarterTrack
This issue affects: SmarterTools SmarterTrack 100.0.8019.14010.\n\n
" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/DIVD-2021-00029", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csirt.divd.nl/CVE-2022-24386", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 8.8, + "baseSeverity": "HIGH", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" } - }, - "cveMetadata": { - "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "assignerShortName": "DIVD", - "cveId": "CVE-2022-24386", - "datePublished": "2022-03-11T00:00:00", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "source": { + "advisory": "DIVD-2021-00029", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file diff --git a/review_set/2022/24xxx/CVE-2022-24387.json b/review_set/2022/24xxx/CVE-2022-24387.json index 9ce0c85189b6..0ba0542b0fc6 100644 --- a/review_set/2022/24xxx/CVE-2022-24387.json +++ b/review_set/2022/24xxx/CVE-2022-24387.json @@ -1,197 +1,138 @@ { - "containers": { - "cna": { - "affected": [ - { - "product": "SmarterTrack", - "vendor": "SmarterTools", - "versions": [ - { - "lessThan": "Build 8075", - "status": "affected", - "version": "100.0.8019.x", - "versionType": "custom" - } - ] - } - ], - "credits": [ - { - "lang": "en", - "value": "Wietse Boonstra of DIVD" - } - ], - "descriptions": [ - { - "lang": "en", - "value": "With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010" - } - ], - "metrics": [ - { - "cvssV3_1": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.1, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - } - ], - "problemTypes": [ - { - "descriptions": [ - { - "cweId": "CWE-434", - "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", - "lang": "en", - "type": "CWE" - } - ] - } - ], - "providerMetadata": { - "dateUpdated": "2022-03-15T00:00:00", - "orgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "shortName": "DIVD" - }, - "references": [ - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csirt.divd.nl/DIVD-2021-00029" - }, - { - "tags": [ - "x_refsource_CONFIRM" - ], - "url": "https://csrit.divd.nl/CVE-2022-24387" - } - ], - "source": { - "advisory": "DIVD-2021-00029", - "discovery": "INTERNAL" - }, - "title": "File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010", - "x_generator": { - "engine": "Vulnogram 0.0.9" + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2022-24387", + "assignerOrgId": "00000000-0000-4000-9000-000000000000", + "assignerShortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z", + "serial": 1, + "state": "PUBLISHED" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "00000000-0000-4000-9000-000000000000", + "shortName": "DIVD", + "dateUpdated": "2022-03-14T23:00:00.000Z" + }, + "title": "File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010", + "problemTypes": [ + { + "descriptions": [ + { + "lang": "en", + "cweId": "CWE-434", + "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", + "type": "CWE" + } + ] + } + ], + "impacts": [ + { + "capecId": "CAPEC-75", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-75 Manipulating Writeable Configuration Files" + } + ] + }, + { + "capecId": "CAPEC-175", + "descriptions": [ + { + "lang": "en", + "value": "CAPEC-175 Code Inclusion" + } + ] + } + ], + "affected": [ + { + "vendor": "SmarterTools", + "product": "SmarterTrack", + "versions": [ + { + "status": "affected", + "version": "100.0.8019.x" }, - "x_legacyV4Record": { - "CVE_data_meta": { - "ASSIGNER": "csirt@divd.nl", - "ID": "CVE-2022-24387", - "STATE": "PUBLIC", - "TITLE": "File upload and overwrite to app_data/Config in SmarterTrack v100.0.8019.14010" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "SmarterTrack", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_name": "100.0.8019.x", - "version_value": "Build 8075" - } - ] - } - } - ] - }, - "vendor_name": "SmarterTools" - } - ] - } - }, - "credit": [ - { - "lang": "eng", - "value": "Wietse Boonstra of DIVD" - } - ], - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. THis is possible in SmarterTrack v100.0.8019.14010" - } - ] - }, - "generator": { - "engine": "Vulnogram 0.0.9" - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "NETWORK", - "availabilityImpact": "HIGH", - "baseScore": 9.1, - "baseSeverity": "CRITICAL", - "confidentialityImpact": "HIGH", - "integrityImpact": "HIGH", - "privilegesRequired": "HIGH", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", - "version": "3.1" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-434 Unrestricted Upload of File with Dangerous Type" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://csirt.divd.nl/DIVD-2021-00029", - "refsource": "CONFIRM", - "url": "https://csirt.divd.nl/DIVD-2021-00029" - }, - { - "name": "https://csrit.divd.nl/CVE-2022-24387", - "refsource": "CONFIRM", - "url": "https://csrit.divd.nl/CVE-2022-24387" - } - ] - }, - "source": { - "advisory": "DIVD-2021-00029", - "discovery": "INTERNAL" - } + { + "status": "affected", + "version": "Build 8075", + "versionType": "build" } + ], + "defaultStatus": "unknown" + } + ], + "descriptions": [ + { + "lang": "en", + "value": "\nWith administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. \n\nThis is possible in SmarterTrack v100.0.8019.14010\n\n", + "supportingMedia": [ + { + "type": "text/html", + "base64": false, + "value": "\n\n

With administrator or admin privileges the application can be tricked into overwriting files in app_data/Config folder, e.g. the systemsettings.xml file. 

This is possible in SmarterTrack v100.0.8019.14010

" + } + ] + } + ], + "references": [ + { + "url": "https://csirt.divd.nl/DIVD-2021-00029", + "tags": [ + "third-party-advisory" + ] + }, + { + "url": "https://csrit.divd.nl/CVE-2022-24387", + "tags": [ + "third-party-advisory" + ] + } + ], + "metrics": [ + { + "format": "CVSS", + "scenarios": [ + { + "lang": "en", + "value": "GENERAL" + } + ], + "cvssV3_1": { + "version": "3.1", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "HIGH", + "userInteraction": "NONE", + "scope": "CHANGED", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "availabilityImpact": "HIGH", + "baseScore": 9.1, + "baseSeverity": "CRITICAL", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H" + } + } + ], + "credits": [ + { + "lang": "en", + "value": "Wietse Boonstra of DIVD", + "type": "finder" } - }, - "cveMetadata": { - "assignerOrgId": "b87402ff-ae37-4194-9dae-31abdbd6f217", - "assignerShortName": "DIVD", - "cveId": "CVE-2022-24387", - "dateUpdated": "2022-03-15T00:00:00", - "state": "PUBLISHED" - }, - "dataType": "CVE_RECORD", - "dataVersion": "5.0" + ], + "source": { + "advisory": "DIVD-2021-00029", + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.0.9" + } + } + } } \ No newline at end of file From 6f99835aa1f4e8acc254aa6d3622128833ca78f6 Mon Sep 17 00:00:00 2001 From: Frank Breedijk Date: Wed, 30 Mar 2022 09:04:43 +0200 Subject: [PATCH 10/10] Four-eyes review by @vcartman --- review_set/2021/26xxx/CVE-2021-26472.json | 18 +++++++++++------- review_set/2021/26xxx/CVE-2021-26473.json | 18 +++++++++--------- review_set/2021/26xxx/CVE-2021-26474.json | 18 +++++++++--------- review_set/2021/32xxx/CVE-2021-32233.json | 11 ++++++++--- review_set/2021/32xxx/CVE-2021-32234.json | 7 +++++++ review_set/2021/40xxx/CVE-2021-40387.json | 7 ++++--- 6 files changed, 48 insertions(+), 31 deletions(-) diff --git a/review_set/2021/26xxx/CVE-2021-26472.json b/review_set/2021/26xxx/CVE-2021-26472.json index 188f994141e6..e0341366b152 100644 --- a/review_set/2021/26xxx/CVE-2021-26472.json +++ b/review_set/2021/26xxx/CVE-2021-26472.json @@ -40,6 +40,9 @@ { "vendor": "Vembu", "product": "VembuBDR", + "platforms": [ + "Windows" + ], "versions": [ { "status": "affected", @@ -171,12 +174,7 @@ "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" } } - ], "source": { - "discovery": "INTERNAL" - }, - "x_generator": { - "engine": "Vulnogram 0.1.0-dev" - }, + ], "credits": [ { "lang": "en", @@ -188,7 +186,13 @@ "value": "Additional research by Frank Breedijk of DIVD", "type": "analyst" } - ] + ], + "source": { + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + } } } } \ No newline at end of file diff --git a/review_set/2021/26xxx/CVE-2021-26473.json b/review_set/2021/26xxx/CVE-2021-26473.json index 0e5beaee9836..e09da02e0188 100644 --- a/review_set/2021/26xxx/CVE-2021-26473.json +++ b/review_set/2021/26xxx/CVE-2021-26473.json @@ -111,12 +111,12 @@ "descriptions": [ { "lang": "en", - "value": "\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n", + "value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server.", "supportingMedia": [ { "type": "text/html", "base64": false, - "value": "\n\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n" + "value": "In VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 the http API located at /sgwebservice_o.php action logFilePath allows an attacker to write arbitrary files in the context of the web server process. These files can then be executed remotely by calling the file via the web server." } ] } @@ -172,12 +172,6 @@ } } ], - "source": { - "discovery": "INTERNAL" - }, - "x_generator": { - "engine": "Vulnogram 0.1.0-dev" - }, "credits": [ { "lang": "en", @@ -189,7 +183,13 @@ "value": "Additional research by Frank Breedijk of DIVD", "type": "analyst" } - ] + ], + "source": { + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + } } } } \ No newline at end of file diff --git a/review_set/2021/26xxx/CVE-2021-26474.json b/review_set/2021/26xxx/CVE-2021-26474.json index 6872537fe109..6858dc106338 100644 --- a/review_set/2021/26xxx/CVE-2021-26474.json +++ b/review_set/2021/26xxx/CVE-2021-26474.json @@ -794,12 +794,12 @@ "descriptions": [ { "lang": "en", - "value": "\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n", + "value": "Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery\\n\\n(Other products or versions of products in this family may be affected too.", "supportingMedia": [ { "type": "text/html", "base64": false, - "value": "\n\nIn VembuBDR before 4.2.0.1 and VembuOffsiteDR before 4.2.0.1 installed on Windows, the http API located at /consumerweb/secure/download.php. Using this command argument an unauthenticated attacker can execute arbitrary OS commands with SYSTEM privileges.\n\n" + "value": "Various Vembu products allow an attacker to execute a (non-blind) http-only Cross Site Request Forgery\\n\\n(Other products or versions of products in this family may be affected too." } ] } @@ -855,12 +855,6 @@ } } ], - "source": { - "discovery": "INTERNAL" - }, - "x_generator": { - "engine": "Vulnogram 0.1.0-dev" - }, "credits": [ { "lang": "en", @@ -872,7 +866,13 @@ "value": "Additional research by Frank Breedijk of DIVD", "type": "analyst" } - ] + ], + "source": { + "discovery": "INTERNAL" + }, + "x_generator": { + "engine": "Vulnogram 0.1.0-dev" + } } } } \ No newline at end of file diff --git a/review_set/2021/32xxx/CVE-2021-32233.json b/review_set/2021/32xxx/CVE-2021-32233.json index 70652ce9c701..6dd21600fbe3 100644 --- a/review_set/2021/32xxx/CVE-2021-32233.json +++ b/review_set/2021/32xxx/CVE-2021-32233.json @@ -50,20 +50,25 @@ "version": "unknown", "lessThan": "7776", "versionType": "build" + }, + { + "status": "affected", + "version": "unknown", + "lessThan": "100.0.7776.14290 (Apr 16, 2021)" } ], - "defaultStatus": "unaffected" + "defaultStatus": "affected" } ], "descriptions": [ { "lang": "en", - "value": "SmarterTools SmarterMail before Build 7776 allows XSS.\n", + "value": "SmarterTools SmarterMail before Build 7776 ( 100.0.7776.14290 of Apr 16, 2021 ) allows XSS.\n", "supportingMedia": [ { "type": "text/html", "base64": false, - "value": "SmarterTools SmarterMail before Build 7776 allows XSS.
" + "value": "SmarterTools SmarterMail before Build 7776 ( 100.0.7776.14290 of Apr 16, 2021 ) allows XSS.
" } ] } diff --git a/review_set/2021/32xxx/CVE-2021-32234.json b/review_set/2021/32xxx/CVE-2021-32234.json index cdc34deabf80..ef508f55c420 100644 --- a/review_set/2021/32xxx/CVE-2021-32234.json +++ b/review_set/2021/32xxx/CVE-2021-32234.json @@ -111,6 +111,13 @@ } } ], + "credits": [ + { + "lang": "en", + "value": "Discovered by Wietse Boonstra of DIVD", + "type": "finder" + } + ], "source": { "advisory": "DIVD-2021-00006", "discovery": "INTERNAL" diff --git a/review_set/2021/40xxx/CVE-2021-40387.json b/review_set/2021/40xxx/CVE-2021-40387.json index 871a03830fb4..a0faf7309301 100644 --- a/review_set/2021/40xxx/CVE-2021-40387.json +++ b/review_set/2021/40xxx/CVE-2021-40387.json @@ -41,12 +41,13 @@ ], "affected": [ { - "vendor": "n/a", - "product": "n/a", + "vendor": "Kaseya", + "product": "Unitrends Server", "versions": [ { "status": "affected", - "version": "n/a" + "version": "unkown", + "lessThan": "v10.5.5-2" } ], "defaultStatus": "unaffected"