[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) Thu, 07 Jul 2022 01:43:51 -0700


Neil Williams pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
f714b048 by Neil Williams at 2022-07-07T09:43:20+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -12314,7 +12314,7 @@ CVE-2022-30621
 CVE-2022-30620
        RESERVED
 CVE-2022-30619 (Editable SQL Queries behind Base64 encoding sending from the 
Client-Si ...)
-       TODO: check
+       NOT-FOR-US: Agile Point
 CVE-2022-30618 (An authenticated user with access to the Strapi admin panel 
can view p ...)
        NOT-FOR-US: Strapi
 CVE-2022-30617 (An authenticated user with access to the Strapi admin panel 
can view p ...)
@@ -35370,9 +35370,9 @@ CVE-2022-23175
 CVE-2022-23174
        RESERVED
 CVE-2022-23173 (this vulnerability affect user that even not allowed to access 
via the ...)
-       TODO: check
+       NOT-FOR-US: Priority
 CVE-2022-23172 (An attacker can access to "Forgot my password" button, as soon 
as he p ...)
-       TODO: check
+       NOT-FOR-US: Priority
 CVE-2022-23171 (AtlasVPN - Privilege Escalation Lack of proper security 
controls on na ...)
        NOT-FOR-US: AtlasVPN
 CVE-2022-23170 (SysAid - Okta SSO integration - was found vulnerable to XML 
External E ...)
@@ -37273,7 +37273,7 @@ CVE-2022-22683
 CVE-2022-22682
        RESERVED
 CVE-2022-22681 (Session fixation vulnerability in access control management in 
Synolog ...)
-       TODO: check
+       NOT-FOR-US: Synology
 CVE-2022-22680 (Exposure of sensitive information to an unauthorized actor 
vulnerabili ...)
        NOT-FOR-US: Synology
 CVE-2022-22679 (Improper limitation of a pathname to a restricted directory 
('Path Tra ...)
@@ -49619,13 +49619,13 @@ CVE-2022-20864
 CVE-2022-20863
        RESERVED
 CVE-2022-20862 (A vulnerability in the web-based management interface of Cisco 
Unified ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-20861
        RESERVED
 CVE-2022-20860
        RESERVED
 CVE-2022-20859 (A vulnerability in the Disaster Recovery framework of Cisco 
Unified Co ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-20858
        RESERVED
 CVE-2022-20857
@@ -49713,13 +49713,13 @@ CVE-2022-20817 (A vulnerability in Cisco Unified IP 
Phones could allow an unauth
 CVE-2022-20816
        RESERVED
 CVE-2022-20815 (A vulnerability in the web-based management interface of Cisco 
Unified ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-20814
        RESERVED
 CVE-2022-20813 (Multiple vulnerabilities in the API and in the web-based 
management in ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-20812 (Multiple vulnerabilities in the API and in the web-based 
management in ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-20811
        RESERVED
 CVE-2022-20810
@@ -49745,7 +49745,7 @@ CVE-2022-20802 (A vulnerability in the web interface of 
Cisco Enterprise Chat an
 CVE-2022-20801 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2022-20800 (A vulnerability in the web-based management interface of Cisco 
Unified ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-20799 (Multiple vulnerabilities in the web-based management interface 
of Cisc ...)
        NOT-FOR-US: Cisco
 CVE-2022-20798 (A vulnerability in the external authentication functionality 
of Cisco  ...)
@@ -49772,7 +49772,7 @@ CVE-2022-20792
        [buster] - clamav <no-dsa> (clamav is updated via -updates)
        NOTE: 
https://blog.clamav.net/2022/05/clamav-01050-01043-01036-released.html
 CVE-2022-20791 (A vulnerability in the database user privileges of Cisco 
Unified Commu ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-20790 (A vulnerability in the web-based management interface of Cisco 
Unified ...)
        NOT-FOR-US: Cisco
 CVE-2022-20789 (A vulnerability in the software upgrade process of Cisco 
Unified Commu ...)
@@ -49830,7 +49830,7 @@ CVE-2022-20770 (On April 20, 2022, the following 
vulnerability in the ClamAV sca
 CVE-2022-20769
        RESERVED
 CVE-2022-20768 (A vulnerability in the logging component of Cisco TelePresence 
Collabo ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-20767 (A vulnerability in the Snort rule evaluation function of Cisco 
Firepow ...)
        NOT-FOR-US: Cisco Firepower
 CVE-2022-20766
@@ -49862,7 +49862,7 @@ CVE-2022-20754 (Multiple vulnerabilities in the API and 
web-based management int
 CVE-2022-20753 (A vulnerability in web-based management interface of Cisco 
Small Busin ...)
        NOT-FOR-US: Cisco
 CVE-2022-20752 (A vulnerability in Cisco Unified Communications Manager 
(Unified CM),  ...)
-       TODO: check
+       NOT-FOR-US: Cisco
 CVE-2022-20751 (A vulnerability in the Snort detection engine integration for 
Cisco Fi ...)
        NOT-FOR-US: Cisco Firepower
 CVE-2022-20750 (A vulnerability in the checkpoint manager implementation of 
Cisco Redu ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f714b048498bcaae09a11063048caf9bd06e3ca8

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f714b048498bcaae09a11063048caf9bd06e3ca8
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to