[Git][security-tracker-team/security-tracker][master] Process several NFUs

Salvatore Bonaccorso (@carnil) Wed, 15 Sep 2021 13:19:01 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
b75b3e3f by Salvatore Bonaccorso at 2021-09-15T22:18:25+02:00
Process several NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -17353,37 +17353,37 @@ CVE-2021-33707 (SAP NetWeaver Knowledge Management 
allows remote attackers to re
 CVE-2021-33706 (Due to improper input validation in InfraBox, logs can be 
modified by  ...)
        NOT-FOR-US: InfraBox
 CVE-2021-33705 (The SAP NetWeaver Portal, versions - 7.10, 7.11, 7.20, 7.30, 
7.31, 7.4 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33704 (The Service Layer of SAP Business One, version - 10.0, allows 
an authe ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33703 (Under certain conditions, NetWeaver Enterprise Portal, 
versions - 7.30 ...)
        NOT-FOR-US: NetWeaver
 CVE-2021-33702 (Under certain conditions, NetWeaver Enterprise Portal, 
versions - 7.10 ...)
        NOT-FOR-US: NetWeaver
 CVE-2021-33701 (DMIS Mobile Plug-In or SAP S/4HANA, versions - DMIS 
2011_1_620, 2011_1 ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33700 (SAP Business One, version - 10.0, allows a local attacker with 
access  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33699 (Task Hijacking is a vulnerability that affects the 
applications runnin ...)
        NOT-FOR-US: Android
 CVE-2021-33698 (SAP Business One, version - 10.0, allows an attacker with 
business aut ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33697 (Under certain conditions, SAP BusinessObjects Business 
Intelligence Pl ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33696 (SAP BusinessObjects Business Intelligence Platform (Crystal 
Report), v ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33695 (Potentially, SAP Cloud Connector, version - 2.0 communication 
with the ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33694 (SAP Cloud Connector, version - 2.0, does not sufficiently 
encode user- ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33693 (SAP Cloud Connector, version - 2.0, allows an authenticated 
administra ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33692 (SAP Cloud Connector, version - 2.0, allows the upload of zip 
files as  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33691 (NWDI Notification Service versions - 7.31, 7.40, 7.50, does 
not suffic ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33690 (Server-Side Request Forgery (SSRF) vulnerability has been 
detected in  ...)
-       TODO: check
+       NOT-FOR-US: SAP
 CVE-2021-33689 (When user with insufficient privileges tries to access any 
application ...)
        NOT-FOR-US: SAP
 CVE-2021-33688 (SAP Business One allows an attacker with business privileges 
to execut ...)
@@ -27453,7 +27453,7 @@ CVE-2021-29775 (IBM Business Automation Workflow 
19.0.03 and 20.0 and IBM Cloud
 CVE-2021-29774
        RESERVED
 CVE-2021-29773 (IBM Security Guardium 10.6 and 11.3 could allow a remote 
authenticated ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-29772 (IBM API Connect 5.0.0.0 through 5.0.8.11 could allow a user to 
potenti ...)
        NOT-FOR-US: IBM
 CVE-2021-29771
@@ -27499,7 +27499,7 @@ CVE-2021-29752
 CVE-2021-29751 (IBM Business Automation Workflow 18.0, 19.0, and 20.0 and IBM 
Business ...)
        NOT-FOR-US: IBM
 CVE-2021-29750 (IBM QRadar SIEM 7.3 and 7.4 uses weaker than expected 
cryptographic al ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-29749 (IBM Secure External Authentication Server 6.0.2 and IBM Secure 
Proxy 6 ...)
        NOT-FOR-US: IBM
 CVE-2021-29748
@@ -51293,7 +51293,7 @@ CVE-2021-20435
 CVE-2021-20434
        RESERVED
 CVE-2021-20433 (IBM Security Guardium 11.3 could allow a an authenticated user 
to obta ...)
-       TODO: check
+       NOT-FOR-US: IBM
 CVE-2021-20432 (IBM Spectrum Protect Plus 10.1.0 through 10.1.7 uses 
Cross-Origin Reso ...)
        NOT-FOR-US: IBM
 CVE-2021-20431 (IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does 
not inv ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b75b3e3f187e53cc388d42619542d34ea0db2642

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b75b3e3f187e53cc388d42619542d34ea0db2642
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process several NFUs

Reply via email to