[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Nov 4 20:41:46 GMT 2021



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dea83b9c by Salvatore Bonaccorso at 2021-11-04T21:41:18+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -206,7 +206,7 @@ CVE-2021-43295
 CVE-2021-43294
 	RESERVED
 CVE-2021-43293 (Sonatype Nexus Repository Manager 3.x before 3.36.0 allows a remote au ...)
-	TODO: check
+	NOT-FOR-US: Sonatype
 CVE-2021-43292
 	RESERVED
 CVE-2021-43291
@@ -230,7 +230,7 @@ CVE-2021-43283
 CVE-2021-43282
 	RESERVED
 CVE-2021-43281 (MyBB before 1.8.29 allows Remote Code Injection by an admin with the " ...)
-	TODO: check
+	NOT-FOR-US: MyBB
 CVE-2021-43280
 	RESERVED
 CVE-2021-43279
@@ -9786,15 +9786,15 @@ CVE-2021-40130
 CVE-2021-40129
 	RESERVED
 CVE-2021-40128 (A vulnerability in the account activation feature of Cisco Webex Meeti ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-40127 (A vulnerability in the web-based management interface of Cisco Small B ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-40126 (A vulnerability in the web-based dashboard of Cisco Umbrella could all ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-40125 (A vulnerability in the Internet Key Exchange Version 2 (IKEv2) impleme ...)
 	NOT-FOR-US: Cisco
 CVE-2021-40124 (A vulnerability in the Network Access Manager (NAM) module of Cisco An ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-40123 (A vulnerability in the web-based management interface of Cisco Identit ...)
 	NOT-FOR-US: Cisco
 CVE-2021-40122 (A vulnerability in an API of the Call Bridge feature of Cisco Meeting  ...)
@@ -9802,9 +9802,9 @@ CVE-2021-40122 (A vulnerability in an API of the Call Bridge feature of Cisco Me
 CVE-2021-40121 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
 	NOT-FOR-US: Cisco
 CVE-2021-40120 (A vulnerability in the web-based management interface of certain Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-40119 (A vulnerability in the key-based SSH authentication mechanism of Cisco ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-40118 (Multiple vulnerabilities in the web services interface of Cisco Adapti ...)
 	NOT-FOR-US: Cisco
 CVE-2021-40117 (A vulnerability in SSL/TLS message handler for Cisco Adaptive Security ...)
@@ -9812,13 +9812,13 @@ CVE-2021-40117 (A vulnerability in SSL/TLS message handler for Cisco Adaptive Se
 CVE-2021-40116 (Multiple Cisco products are affected by a vulnerability in Snort rules ...)
 	NOT-FOR-US: Cisco
 CVE-2021-40115 (A vulnerability in Cisco Webex Video Mesh could allow an unauthenticat ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-40114 (Multiple Cisco products are affected by a vulnerability in the way the ...)
 	NOT-FOR-US: Cisco
 CVE-2021-40113 (Multiple vulnerabilities in the web-based management interface of the  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-40112 (Multiple vulnerabilities in the web-based management interface of the  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-40111
 	RESERVED
 CVE-2021-40110
@@ -22462,7 +22462,7 @@ CVE-2021-34797
 CVE-2021-34796
 	RESERVED
 CVE-2021-34795 (Multiple vulnerabilities in the web-based management interface of the  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34794 (A vulnerability in the Simple Network Management Protocol version 3 (S ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34793 (A vulnerability in the TCP Normalizer of Cisco Adaptive Security Appli ...)
@@ -22484,7 +22484,7 @@ CVE-2021-34786 (Multiple vulnerabilities in Cisco BroadWorks CommPilot Applicati
 CVE-2021-34785 (Multiple vulnerabilities in Cisco BroadWorks CommPilot Application Sof ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34784 (A vulnerability in the web-based management interface of Cisco Prime I ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34783 (A vulnerability in the software-based SSL/TLS message handler of Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34782 (A vulnerability in the API endpoints for Cisco DNA Center could allow  ...)
@@ -22504,9 +22504,9 @@ CVE-2021-34776 (Multiple vulnerabilities exist in the Link Layer Discovery Proto
 CVE-2021-34775 (Multiple vulnerabilities exist in the Link Layer Discovery Protocol (L ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34774 (A vulnerability in the web-based management interface of Cisco Common  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34773 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34772 (A vulnerability in the web-based management interface of Cisco Orbital ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34771 (A vulnerability in the Cisco IOS XR Software CLI could allow an authen ...)
@@ -22570,11 +22570,11 @@ CVE-2021-34743 (A vulnerability in the application integration feature of Cisco
 CVE-2021-34742 (A vulnerability in the web-based management interface of Cisco Vision  ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34741 (A vulnerability in the email scanning algorithm of Cisco AsyncOS softw ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34740 (A vulnerability in the WLAN Control Protocol (WCP) implementation for  ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34739 (A vulnerability in the web-based management interface of multiple Cisc ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34738 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34737 (A vulnerability in the DHCP version 4 (DHCPv4) server feature of Cisco ...)
@@ -22590,7 +22590,7 @@ CVE-2021-34733 (A vulnerability in the CLI of Cisco Prime Infrastructure and Cis
 CVE-2021-34732 (A vulnerability in the web-based management interface of Cisco Prime C ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34731 (A vulnerability in the web-based management interface of Cisco Prime A ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34730 (A vulnerability in the Universal Plug-and-Play (UPnP) service of Cisco ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34729 (A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco I ...)
@@ -22650,7 +22650,7 @@ CVE-2021-34703 (A vulnerability in the Link Layer Discovery Protocol (LLDP) mess
 CVE-2021-34702 (A vulnerability in the web-based management interface of Cisco Identit ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34701 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2021-34700 (A vulnerability in the CLI interface of Cisco SD-WAN vManage Software  ...)
 	NOT-FOR-US: Cisco
 CVE-2021-34699 (A vulnerability in the TrustSec CLI parser of Cisco IOS and Cisco IOS  ...)
@@ -22915,7 +22915,7 @@ CVE-2021-34599
 CVE-2021-34598
 	RESERVED
 CVE-2021-34597 (Improper Input Validation vulnerability in PC Worx Automation Suite of ...)
-	TODO: check
+	NOT-FOR-US: Phoenix Contact
 CVE-2021-34596 (A crafted request may cause a read access to an uninitialized pointer  ...)
 	NOT-FOR-US: CODESYS
 CVE-2021-34595 (A crafted request with invalid offsets may cause an out-of-bounds read ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dea83b9cfef76c0f227c8427cbbaa2d7b82e9b93

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dea83b9cfef76c0f227c8427cbbaa2d7b82e9b93
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20211104/16e1936b/attachment.htm>


More information about the debian-security-tracker-commits mailing list