Skip to content
This repository was archived by the owner on Jun 10, 2025. It is now read-only.

Commit 480b35b

Browse files
cve-teamcve-team
committed
"-Synchronized-Data."
1 parent f534d33 commit 480b35b

File tree

6 files changed

+497
-22
lines changed

6 files changed

+497
-22
lines changed

2021/23xxx/CVE-2021-23282.json

Lines changed: 88 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,101 @@
11
{
2+
"data_version": "4.0",
23
"data_type": "CVE",
34
"data_format": "MITRE",
4-
"data_version": "4.0",
55
"CVE_data_meta": {
66
"ID": "CVE-2021-23282",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "PUBLIC"
99
},
1010
"description": {
1111
"description_data": [
1212
{
1313
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
14+
"value": "Eaton Intelligent Power Manager (IPM) prior to 1.70 is vulnerable to stored Cross site scripting. The\nvulnerability exists due to insufficient validation of input from certain resources by the IPM software.\nThe attacker would need access to the local Subnet and an administrator interaction to compromise\nthe system"
15+
}
16+
]
17+
},
18+
"problemtype": {
19+
"problemtype_data": [
20+
{
21+
"description": [
22+
{
23+
"lang": "eng",
24+
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
25+
"cweId": "CWE-79"
26+
}
27+
]
28+
}
29+
]
30+
},
31+
"affects": {
32+
"vendor": {
33+
"vendor_data": [
34+
{
35+
"vendor_name": "Eaton",
36+
"product": {
37+
"product_data": [
38+
{
39+
"product_name": "Intelligent Power Manager (IPM)",
40+
"version": {
41+
"version_data": [
42+
{
43+
"version_affected": "<",
44+
"version_name": "0",
45+
"version_value": "1.70"
46+
}
47+
]
48+
}
49+
}
50+
]
51+
}
52+
}
53+
]
54+
}
55+
},
56+
"references": {
57+
"reference_data": [
58+
{
59+
"url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Intelligent-Power-Manager-Vulnerability-Advisory_1001a_V1.0.pdf",
60+
"refsource": "MISC",
61+
"name": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-Intelligent-Power-Manager-Vulnerability-Advisory_1001a_V1.0.pdf"
62+
}
63+
]
64+
},
65+
"generator": {
66+
"engine": "Vulnogram 0.2.0"
67+
},
68+
"source": {
69+
"discovery": "UNKNOWN"
70+
},
71+
"solution": [
72+
{
73+
"lang": "en",
74+
"supportingMedia": [
75+
{
76+
"base64": false,
77+
"type": "text/html",
78+
"value": "Eaton has patched these security issues and an updated version (v1.70) of the IPM v1 software has been\nreleased.<br>"
79+
}
80+
],
81+
"value": "Eaton has patched these security issues and an updated version (v1.70) of the IPM v1 software has been\nreleased."
82+
}
83+
],
84+
"impact": {
85+
"cvss": [
86+
{
87+
"attackComplexity": "LOW",
88+
"attackVector": "ADJACENT_NETWORK",
89+
"availabilityImpact": "HIGH",
90+
"baseScore": 5.2,
91+
"baseSeverity": "MEDIUM",
92+
"confidentialityImpact": "NONE",
93+
"integrityImpact": "LOW",
94+
"privilegesRequired": "HIGH",
95+
"scope": "UNCHANGED",
96+
"userInteraction": "NONE",
97+
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H",
98+
"version": "3.1"
1599
}
16100
]
17101
}

2022/33xxx/CVE-2022-33861.json

Lines changed: 88 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,101 @@
11
{
2+
"data_version": "4.0",
23
"data_type": "CVE",
34
"data_format": "MITRE",
4-
"data_version": "4.0",
55
"CVE_data_meta": {
66
"ID": "CVE-2022-33861",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "PUBLIC"
99
},
1010
"description": {
1111
"description_data": [
1212
{
1313
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
14+
"value": "IPP software versions prior to v1.71 do not sufficiently verify the authenticity of data, in a\nway that causes it to accept invalid data."
15+
}
16+
]
17+
},
18+
"problemtype": {
19+
"problemtype_data": [
20+
{
21+
"description": [
22+
{
23+
"lang": "eng",
24+
"value": "CWE-345 Insufficient Verification of Data Authenticity",
25+
"cweId": "CWE-345"
26+
}
27+
]
28+
}
29+
]
30+
},
31+
"affects": {
32+
"vendor": {
33+
"vendor_data": [
34+
{
35+
"vendor_name": "Eaton",
36+
"product": {
37+
"product_data": [
38+
{
39+
"product_name": "Intelligent Power Protector",
40+
"version": {
41+
"version_data": [
42+
{
43+
"version_affected": "<",
44+
"version_name": "0",
45+
"version_value": "1.71"
46+
}
47+
]
48+
}
49+
}
50+
]
51+
}
52+
}
53+
]
54+
}
55+
},
56+
"references": {
57+
"reference_data": [
58+
{
59+
"url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/ETN-VA-2022-1011.pdf",
60+
"refsource": "MISC",
61+
"name": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/ETN-VA-2022-1011.pdf"
62+
}
63+
]
64+
},
65+
"generator": {
66+
"engine": "Vulnogram 0.2.0"
67+
},
68+
"source": {
69+
"discovery": "UNKNOWN"
70+
},
71+
"solution": [
72+
{
73+
"lang": "en",
74+
"supportingMedia": [
75+
{
76+
"base64": false,
77+
"type": "text/html",
78+
"value": "Eaton has remediated the vulnerabilities in IPP software version 1.71.<br>"
79+
}
80+
],
81+
"value": "Eaton has remediated the vulnerabilities in IPP software version 1.71."
82+
}
83+
],
84+
"impact": {
85+
"cvss": [
86+
{
87+
"attackComplexity": "HIGH",
88+
"attackVector": "ADJACENT_NETWORK",
89+
"availabilityImpact": "LOW",
90+
"baseScore": 5.1,
91+
"baseSeverity": "MEDIUM",
92+
"confidentialityImpact": "LOW",
93+
"integrityImpact": "LOW",
94+
"privilegesRequired": "LOW",
95+
"scope": "CHANGED",
96+
"userInteraction": "REQUIRED",
97+
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:L/UI:R/S:C/C:L/I:L/A:L",
98+
"version": "3.1"
1599
}
16100
]
17101
}

2022/33xxx/CVE-2022-33862.json

Lines changed: 88 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,17 +1,101 @@
11
{
2+
"data_version": "4.0",
23
"data_type": "CVE",
34
"data_format": "MITRE",
4-
"data_version": "4.0",
55
"CVE_data_meta": {
66
"ID": "CVE-2022-33862",
7-
"ASSIGNER": "[email protected]",
8-
"STATE": "RESERVED"
7+
"ASSIGNER": "[email protected]",
8+
"STATE": "PUBLIC"
99
},
1010
"description": {
1111
"description_data": [
1212
{
1313
"lang": "eng",
14-
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
14+
"value": "IPP software prior to v1.71 is vulnerable to default credential vulnerability. This could\nlead attackers to identify and access vulnerable systems."
15+
}
16+
]
17+
},
18+
"problemtype": {
19+
"problemtype_data": [
20+
{
21+
"description": [
22+
{
23+
"lang": "eng",
24+
"value": "CWE-287 Improper Authentication",
25+
"cweId": "CWE-287"
26+
}
27+
]
28+
}
29+
]
30+
},
31+
"affects": {
32+
"vendor": {
33+
"vendor_data": [
34+
{
35+
"vendor_name": "Eaton",
36+
"product": {
37+
"product_data": [
38+
{
39+
"product_name": "Intelligent Power Protector (IPP)",
40+
"version": {
41+
"version_data": [
42+
{
43+
"version_affected": "<",
44+
"version_name": "0",
45+
"version_value": "1.71"
46+
}
47+
]
48+
}
49+
}
50+
]
51+
}
52+
}
53+
]
54+
}
55+
},
56+
"references": {
57+
"reference_data": [
58+
{
59+
"url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/ETN-VA-2022-1011.pdf",
60+
"refsource": "MISC",
61+
"name": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/ETN-VA-2022-1011.pdf"
62+
}
63+
]
64+
},
65+
"generator": {
66+
"engine": "Vulnogram 0.2.0"
67+
},
68+
"source": {
69+
"discovery": "UNKNOWN"
70+
},
71+
"solution": [
72+
{
73+
"lang": "en",
74+
"supportingMedia": [
75+
{
76+
"base64": false,
77+
"type": "text/html",
78+
"value": "Eaton has remediated the vulnerabilities in IPP software version 1.71.\n\n<br>"
79+
}
80+
],
81+
"value": "Eaton has remediated the vulnerabilities in IPP software version 1.71."
82+
}
83+
],
84+
"impact": {
85+
"cvss": [
86+
{
87+
"attackComplexity": "LOW",
88+
"attackVector": "LOCAL",
89+
"availabilityImpact": "HIGH",
90+
"baseScore": 6.7,
91+
"baseSeverity": "MEDIUM",
92+
"confidentialityImpact": "HIGH",
93+
"integrityImpact": "HIGH",
94+
"privilegesRequired": "HIGH",
95+
"scope": "UNCHANGED",
96+
"userInteraction": "NONE",
97+
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
98+
"version": "3.1"
1599
}
16100
]
17101
}

2024/0xxx/CVE-2024-0564.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,8 @@
2121
"description": [
2222
{
2323
"lang": "eng",
24-
"value": "Improper Control of Resource Identifiers ('Resource Injection')",
25-
"cweId": "CWE-99"
24+
"value": "Observable Discrepancy",
25+
"cweId": "CWE-203"
2626
}
2727
]
2828
}

0 commit comments

Comments
 (0)