CVEProject
diff --git a/‎2021/22xxx/CVE-2021-22509.json
Lines changed: 75 additions & 4 deletions b/‎2021/22xxx/CVE-2021-22509.json
Lines changed: 75 additions & 4 deletions
diff --git a/‎2021/22xxx/CVE-2021-22529.json
Lines changed: 75 additions & 4 deletions b/‎2021/22xxx/CVE-2021-22529.json
Lines changed: 75 additions & 4 deletions
diff --git a/‎2021/22xxx/CVE-2021-22530.json
Lines changed: 75 additions & 4 deletions b/‎2021/22xxx/CVE-2021-22530.json
Lines changed: 75 additions & 4 deletions
diff --git a/‎2021/38xxx/CVE-2021-38120.json
Lines changed: 75 additions & 4 deletions b/‎2021/38xxx/CVE-2021-38120.json
Lines changed: 75 additions & 4 deletions
@@ -1,17 +1,88 @@
 {
+    "data_version": "4.0",
     "data_type": "CVE",
     "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2021-22509",
-        "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ASSIGNER": "[email protected]",
+        "STATE": "PUBLIC"
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability identified in storing and reusing information in Advance Authentication. This issue can lead to leakage of sensitive data to unauthorized user. The issue affects NetIQ Advance Authentication before 6.3.5.1"
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-312 Cleartext Storage of Sensitive Information",
+                        "cweId": "CWE-312"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "OpenText",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "NetIQ Advance Authentication",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "6.3.5.1",
+                                            "version_value": "<"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html",
+                "refsource": "MISC",
+                "name": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html"
+            }
+        ]
+    },
+    "generator": {
+        "engine": "Vulnogram 0.2.0"
+    },
+    "source": {
+        "discovery": "UNKNOWN"
+    },
+    "impact": {
+        "cvss": [
+            {
+                "attackComplexity": "LOW",
+                "attackVector": "LOCAL",
+                "availabilityImpact": "LOW",
+                "baseScore": 8.1,
+                "baseSeverity": "HIGH",
+                "confidentialityImpact": "HIGH",
+                "integrityImpact": "HIGH",
+                "privilegesRequired": "LOW",
+                "scope": "CHANGED",
+                "userInteraction": "REQUIRED",
+                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:L",
+                "version": "3.1"
             }
         ]
     }
 
@@ -1,17 +1,88 @@
 {
+    "data_version": "4.0",
     "data_type": "CVE",
     "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2021-22529",
-        "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ASSIGNER": "[email protected]",
+        "STATE": "PUBLIC"
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability identified in NetIQ Advance Authentication that leaks sensitive server information. This issue affects NetIQ Advance Authentication version before 6.3.5.1"
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
+                        "cweId": "CWE-200"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "OpenText",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "NetIQ Advance Authentication",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "6.3.5.1",
+                                            "version_value": "<"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html",
+                "refsource": "MISC",
+                "name": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html"
+            }
+        ]
+    },
+    "generator": {
+        "engine": "Vulnogram 0.2.0"
+    },
+    "source": {
+        "discovery": "UNKNOWN"
+    },
+    "impact": {
+        "cvss": [
+            {
+                "attackComplexity": "HIGH",
+                "attackVector": "LOCAL",
+                "availabilityImpact": "HIGH",
+                "baseScore": 6.3,
+                "baseSeverity": "MEDIUM",
+                "confidentialityImpact": "HIGH",
+                "integrityImpact": "HIGH",
+                "privilegesRequired": "HIGH",
+                "scope": "UNCHANGED",
+                "userInteraction": "REQUIRED",
+                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H",
+                "version": "3.1"
             }
         ]
     }
 
@@ -1,17 +1,88 @@
 {
+    "data_version": "4.0",
     "data_type": "CVE",
     "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2021-22530",
-        "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ASSIGNER": "[email protected]",
+        "STATE": "PUBLIC"
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1"
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-667 Improper Locking",
+                        "cweId": "CWE-667"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "OpenText",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "NetIQ Advance Authentication",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "6.3.5.1",
+                                            "version_value": "<"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html",
+                "refsource": "MISC",
+                "name": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html"
+            }
+        ]
+    },
+    "generator": {
+        "engine": "Vulnogram 0.2.0"
+    },
+    "source": {
+        "discovery": "UNKNOWN"
+    },
+    "impact": {
+        "cvss": [
+            {
+                "attackComplexity": "LOW",
+                "attackVector": "NETWORK",
+                "availabilityImpact": "LOW",
+                "baseScore": 8.2,
+                "baseSeverity": "HIGH",
+                "confidentialityImpact": "HIGH",
+                "integrityImpact": "LOW",
+                "privilegesRequired": "LOW",
+                "scope": "CHANGED",
+                "userInteraction": "REQUIRED",
+                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
+                "version": "3.1"
             }
         ]
     }
 
@@ -1,17 +1,88 @@
 {
+    "data_version": "4.0",
     "data_type": "CVE",
     "data_format": "MITRE",
-    "data_version": "4.0",
     "CVE_data_meta": {
         "ID": "CVE-2021-38120",
-        "ASSIGNER": "[email protected]",
-        "STATE": "RESERVED"
+        "ASSIGNER": "[email protected]",
+        "STATE": "PUBLIC"
     },
     "description": {
         "description_data": [
             {
                 "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability identified in Advance Authentication that allows bash command Injection in administrative controlled functionality of backup due to improper\nhandling in provided\u00a0command parameters. This issue affects NetIQ Advance Authentication version before 6.3.5.1."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection')",
+                        "cweId": "CWE-77"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "OpenText",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "NetIQ Advance Authentication",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "<",
+                                            "version_name": "6.3.5.1",
+                                            "version_value": "<"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html",
+                "refsource": "MISC",
+                "name": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html"
+            }
+        ]
+    },
+    "generator": {
+        "engine": "Vulnogram 0.2.0"
+    },
+    "source": {
+        "discovery": "UNKNOWN"
+    },
+    "impact": {
+        "cvss": [
+            {
+                "attackComplexity": "HIGH",
+                "attackVector": "LOCAL",
+                "availabilityImpact": "LOW",
+                "baseScore": 5.1,
+                "baseSeverity": "MEDIUM",
+                "confidentialityImpact": "LOW",
+                "integrityImpact": "HIGH",
+                "privilegesRequired": "HIGH",
+                "scope": "UNCHANGED",
+                "userInteraction": "REQUIRED",
+                "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:L/I:H/A:L",
+                "version": "3.1"
             }
         ]
     }