[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Mon, 26 Jul 2021 05:40:29 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
e9f6badf by Salvatore Bonaccorso at 2021-07-26T14:39:29+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -119,69 +119,69 @@ CVE-2021-37472
 CVE-2021-37471
        RESERVED
 CVE-2021-37470 (In NCH WebDictate v2.13, persistent Cross Site Scripting (XSS) 
exists  ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37469 (In NCH WebDictate v2.13 and earlier, authenticated users can 
abuse log ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37468 (NCH Reflect CRM 3.01 allows local users to discover cleartext 
user acc ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37467 (In NCH Quorum v2.03 and earlier, XSS exists via 
/conferencebrowseuploa ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37466 (In NCH Quorum v2.03 and earlier, XSS exists via 
/conference?id= (refle ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37465 (In NCH Quorum v2.03 and earlier, XSS exists via /uploaddoc?id= 
(reflec ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37464 (In NCH Quorum v2.03 and earlier, XSS exists via Conference 
Description ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37463 (In NCH Quorum v2.03 and earlier, XSS exists via User Display 
Name (sto ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37462 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37461 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37460 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37459 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37458 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37457 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37456 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37455 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37454 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37453 (Cross Site Scripting (XSS) exists in NCH Axon PBX v2.22 and 
earlier vi ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37452 (NCH Quorum v2.03 and earlier allows local users to discover 
cleartext  ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37451 (Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 
and earli ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37450 (Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 
and earli ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37449 (Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 
and earli ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37448 (Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 
and earli ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37447 (In NCH Quorum v2.03 and earlier, an authenticated user can use 
directo ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37446 (In NCH Quorum v2.03 and earlier, an authenticated user can use 
directo ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37445 (In NCH Quorum v2.03 and earlier, an authenticated user can use 
directo ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37444 (NCH IVM Attendant v5.12 and earlier suffers from a directory 
traversal ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37443 (NCH IVM Attendant v5.12 and earlier allows path traversal via 
the logd ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37442 (NCH IVM Attendant v5.12 and earlier allows path traversal via 
viewfile ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37441 (NCH Axon PBX v2.22 and earlier allows path traversal for file 
deletion ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37440 (NCH Axon PBX v2.22 and earlier allows path traversal for file 
disclosu ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37439 (NCH FlexiServer v6.00 suffers from a syslog?file=/.. path 
traversal vu ...)
-       TODO: check
+       NOT-FOR-US: NCH
 CVE-2021-37438
        REJECTED
 CVE-2021-37437



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9f6badfdd62629b89accc78084f4c1ab04d18e2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e9f6badfdd62629b89accc78084f4c1ab04d18e2
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to