Vulnerability-Lookup

CVE-2021-22530 (GCVE-0-2021-22530)

Vulnerability from cvelistv5 – Published: 2024-08-28 06:29 – Updated: 2024-08-28 13:31

Title

Improper account management vulnerability in NetIQ Advance Authentication

Summary

A vulnerability identified in NetIQ Advance Authentication that doesn't enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1

Severity ?

8.2 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L

CWE

CWE-667 - Improper Locking

Assigner

OpenText

References

URL

Tags

https://www.netiq.com/documentation/advanced-auth…

Impacted products

	Vendor	Product	Version
	OpenText	NetIQ Advance Authentication	Affected: 6.3.5.1 , < < (server)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2021-22530",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-08-28T13:19:20.381421Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-08-28T13:31:54.122Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux"
          ],
          "product": "NetIQ Advance Authentication",
          "vendor": "OpenText",
          "versions": [
            {
              "lessThan": "\u003c",
              "status": "affected",
              "version": "6.3.5.1",
              "versionType": "server"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "A vulnerability identified in NetIQ Advance Authentication that doesn\u0027t enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1\u003cbr\u003e"
            }
          ],
          "value": "A vulnerability identified in NetIQ Advance Authentication that doesn\u0027t enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-49",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-49 Password Brute Forcing"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "LOW",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-667",
              "description": "CWE-667 Improper Locking",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-08-28T06:29:20.166Z",
        "orgId": "f81092c5-7f14-476d-80dc-24857f90be84",
        "shortName": "OpenText"
      },
      "references": [
        {
          "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Improper account management vulnerability in NetIQ Advance Authentication",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f81092c5-7f14-476d-80dc-24857f90be84",
    "assignerShortName": "OpenText",
    "cveId": "CVE-2021-22530",
    "datePublished": "2024-08-28T06:29:20.166Z",
    "dateReserved": "2021-01-05T18:14:04.352Z",
    "dateUpdated": "2024-08-28T13:31:54.122Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2021-22530\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-28T13:19:20.381421Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-28T13:31:49.984Z\"}}], \"cna\": {\"title\": \"Improper account management vulnerability in NetIQ Advance Authentication\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"impacts\": [{\"capecId\": \"CAPEC-49\", \"descriptions\": [{\"lang\": \"en\", \"value\": \"CAPEC-49 Password Brute Forcing\"}]}], \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"CHANGED\", \"version\": \"3.1\", \"baseScore\": 8.2, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L\", \"integrityImpact\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"OpenText\", \"product\": \"NetIQ Advance Authentication\", \"versions\": [{\"status\": \"affected\", \"version\": \"6.3.5.1\", \"lessThan\": \"\u003c\", \"versionType\": \"server\"}], \"platforms\": [\"Linux\"], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"A vulnerability identified in NetIQ Advance Authentication that doesn\u0027t enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"A vulnerability identified in NetIQ Advance Authentication that doesn\u0027t enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-667\", \"description\": \"CWE-667 Improper Locking\"}]}], \"providerMetadata\": {\"orgId\": \"f81092c5-7f14-476d-80dc-24857f90be84\", \"shortName\": \"OpenText\", \"dateUpdated\": \"2024-08-28T06:29:20.166Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2021-22530\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-28T13:31:54.122Z\", \"dateReserved\": \"2021-01-05T18:14:04.352Z\", \"assignerOrgId\": \"f81092c5-7f14-476d-80dc-24857f90be84\", \"datePublished\": \"2024-08-28T06:29:20.166Z\", \"assignerShortName\": \"OpenText\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

FKIE_CVE-2021-22530

Vulnerability from fkie_nvd - Published: 2024-08-28 07:15 - Updated: 2024-09-13 17:15

Severity ?

8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L
9.9 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

Summary

References

	URL	Tags
	security@opentext.com	https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html	Release Notes

Impacted products

Vendor	Product	Version
microfocus	netiq_advanced_authentication	*
microfocus	netiq_advanced_authentication	6.3
microfocus	netiq_advanced_authentication	6.3
microfocus	netiq_advanced_authentication	6.3
microfocus	netiq_advanced_authentication	6.3
microfocus	netiq_advanced_authentication	6.3
microfocus	netiq_advanced_authentication	6.3
microfocus	netiq_advanced_authentication	6.3

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D8BAEC8-626A-4520-A89F-DB40CC774D87",
              "versionEndExcluding": "6.3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "689649F7-75D8-4D13-9A71-50C2908EACA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp1:*:*:*:*:*:*",
              "matchCriteriaId": "A0F82417-D88A-40C5-AD90-7AB826E29C2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "0DD98BB8-7A85-41D6-B1CB-7849D61F085A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "729C4860-8CAC-4D4B-8C68-00B1E84E700A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4:*:*:*:*:*:*",
              "matchCriteriaId": "FEFFEB38-B4CA-48ED-9149-073334346CA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp4_patch1:*:*:*:*:*:*",
              "matchCriteriaId": "B14AC9B7-9339-44BA-BF1B-1876DAFBCA14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microfocus:netiq_advanced_authentication:6.3:sp5:*:*:*:*:*:*",
              "matchCriteriaId": "4A5CE16C-376A-40C1-83E9-2424AAAB668D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability identified in NetIQ Advance Authentication that doesn\u0027t enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1"
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad identificada en la autenticaci\u00f3n avanzada de NetIQ que no aplica el bloqueo de cuenta cuando se realiza un ataque de fuerza bruta en el inicio de sesi\u00f3n basado en API. Este problema puede comprometer la cuenta del usuario si tiene \u00e9xito o puede afectar el rendimiento del servidor. Este problema afecta a toda la autenticaci\u00f3n avanzada de NetIQ anterior a 6.3.5.1"
    }
  ],
  "id": "CVE-2021-22530",
  "lastModified": "2024-09-13T17:15:29.670",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "LOW",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 2.3,
        "impactScore": 5.3,
        "source": "security@opentext.com",
        "type": "Secondary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 9.9,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.3,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2024-08-28T07:15:06.750",
  "references": [
    {
      "source": "security@opentext.com",
      "tags": [
        "Release Notes"
      ],
      "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html"
    }
  ],
  "sourceIdentifier": "security@opentext.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-667"
        }
      ],
      "source": "security@opentext.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-307"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GHSA-2QHQ-448H-5333

Vulnerability from github – Published: 2024-08-28 09:30 – Updated: 2024-08-28 09:30

Details

Severity ?

8.2 (High)


                  
                    CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2021-22530"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-307",
      "CWE-667"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-08-28T07:15:06Z",
    "severity": "HIGH"
  },
  "details": "A vulnerability identified in NetIQ Advance Authentication that doesn\u0027t enforce account lockout when brute force attack is performed on API based login. This issue may lead to user account compromise if successful or may impact server performance. This issue impacts all NetIQ Advance Authentication before 6.3.5.1",
  "id": "GHSA-2qhq-448h-5333",
  "modified": "2024-08-28T09:30:34Z",
  "published": "2024-08-28T09:30:34Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2021-22530"
    },
    {
      "type": "WEB",
      "url": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:L",
      "type": "CVSS_V3"
    }
  ]
}

CNVD-2024-38197

Vulnerability from cnvd - Published: 2024-09-14

Title

NetIQ Advanced Authentication暴力破解漏洞

Description

NetIQ Advanced Authentication是英国NetIQ公司的一个应用软件。提供了从用户名和密码转移到一种更安全的方式来保护您的敏感信息。 NetIQ Advanced Authentication 6.3.5.1之前版本存在暴力破解漏洞，该漏洞源于未强制执行账户锁定机制以应对基于API登录的暴力破解攻击，攻击者可利用该漏洞导致用户账户被攻破或影响服务器性能。

Severity

高

Patch Name

NetIQ Advanced Authentication暴力破解漏洞的补丁

Patch Description

Formal description

厂商已发布了漏洞修复程序，请及时关注更新：https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html

Reference

https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html

Impacted products

Name
NetIQ Advanced Authentication <6.3.5.1

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2021-22530",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2021-22530"
    }
  },
  "description": "NetIQ Advanced Authentication\u662f\u82f1\u56fdNetIQ\u516c\u53f8\u7684\u4e00\u4e2a\u5e94\u7528\u8f6f\u4ef6\u3002\u63d0\u4f9b\u4e86\u4ece\u7528\u6237\u540d\u548c\u5bc6\u7801\u8f6c\u79fb\u5230\u4e00\u79cd\u66f4\u5b89\u5168\u7684\u65b9\u5f0f\u6765\u4fdd\u62a4\u60a8\u7684\u654f\u611f\u4fe1\u606f\u3002\n\nNetIQ Advanced Authentication 6.3.5.1\u4e4b\u524d\u7248\u672c\u5b58\u5728\u66b4\u529b\u7834\u89e3\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u5f3a\u5236\u6267\u884c\u8d26\u6237\u9501\u5b9a\u673a\u5236\u4ee5\u5e94\u5bf9\u57fa\u4e8eAPI\u767b\u5f55\u7684\u66b4\u529b\u7834\u89e3\u653b\u51fb\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7528\u6237\u8d26\u6237\u88ab\u653b\u7834\u6216\u5f71\u54cd\u670d\u52a1\u5668\u6027\u80fd\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1ahttps://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-38197",
  "openTime": "2024-09-14",
  "patchDescription": "NetIQ Advanced Authentication\u662f\u82f1\u56fdNetIQ\u516c\u53f8\u7684\u4e00\u4e2a\u5e94\u7528\u8f6f\u4ef6\u3002\u63d0\u4f9b\u4e86\u4ece\u7528\u6237\u540d\u548c\u5bc6\u7801\u8f6c\u79fb\u5230\u4e00\u79cd\u66f4\u5b89\u5168\u7684\u65b9\u5f0f\u6765\u4fdd\u62a4\u60a8\u7684\u654f\u611f\u4fe1\u606f\u3002\r\n\r\nNetIQ Advanced Authentication 6.3.5.1\u4e4b\u524d\u7248\u672c\u5b58\u5728\u66b4\u529b\u7834\u89e3\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u5f3a\u5236\u6267\u884c\u8d26\u6237\u9501\u5b9a\u673a\u5236\u4ee5\u5e94\u5bf9\u57fa\u4e8eAPI\u767b\u5f55\u7684\u66b4\u529b\u7834\u89e3\u653b\u51fb\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u7528\u6237\u8d26\u6237\u88ab\u653b\u7834\u6216\u5f71\u54cd\u670d\u52a1\u5668\u6027\u80fd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "NetIQ Advanced Authentication\u66b4\u529b\u7834\u89e3\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "NetIQ Advanced Authentication \u003c6.3.5.1"
  },
  "referenceLink": "https://www.netiq.com/documentation/advanced-authentication-63/advanced-authentication-releasenotes-6351/data/advanced-authentication-releasenotes-6351.html",
  "serverity": "\u9ad8",
  "submitTime": "2024-08-30",
  "title": "NetIQ Advanced Authentication\u66b4\u529b\u7834\u89e3\u6f0f\u6d1e"
}

GSD-2021-22530

Vulnerability from gsd - Updated: 2023-12-13 01:23

Details

** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.

Aliases

CVE-2021-22530

Aliases

CVE-2021-22530

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2021-22530",
    "id": "GSD-2021-22530"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2021-22530"
      ],
      "id": "GSD-2021-22530",
      "modified": "2023-12-13T01:23:24.955948Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2021-22530",
        "STATE": "RESERVED"
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2021-22530 (GCVE-0-2021-22530)

FKIE_CVE-2021-22530

GHSA-2QHQ-448H-5333

CNVD-2024-38197

GSD-2021-22530

Tags

Sightings

Nomenclature