[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Thu Aug 11 09:40:37 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b30bdb20 by Salvatore Bonaccorso at 2022-08-11T10:40:15+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47,7 +47,7 @@ CVE-2022-38146
 CVE-2022-38145
 	RESERVED
 CVE-2022-38133 (In JetBrains TeamCity before 2022.04.3 the private SSH key could be wr ...)
-	TODO: check
+	NOT-FOR-US: JetBrains TeamCity
 CVE-2022-38132
 	RESERVED
 CVE-2022-38131
@@ -14318,7 +14318,7 @@ CVE-2022-32431
 CVE-2022-32430 (An access control issue in Lin CMS Spring Boot v0.2.1 allows attackers ...)
 	NOT-FOR-US: Lin CMS
 CVE-2022-32429 (An authentication-bypass issue in the component http://MYDEVICEIP/cgi- ...)
-	TODO: check
+	NOT-FOR-US: Mega System Technologies Inc MSNSwitch
 CVE-2022-32428
 	RESERVED
 CVE-2022-32427
@@ -42387,7 +42387,7 @@ CVE-2022-23240
 CVE-2022-23239
 	RESERVED
 CVE-2022-23238 (Linux deployments of StorageGRID (formerly StorageGRID Webscale) versi ...)
-	TODO: check
+	NOT-FOR-US: StorageGRID (formerly StorageGRID Webscale)
 CVE-2022-23237 (E-Series SANtricity OS Controller Software 11.x versions through 11.70 ...)
 	NOT-FOR-US: E-Series SANtricity OS Controller Software
 CVE-2022-23236 (E-Series SANtricity OS Controller Software versions 11.40 through 11.7 ...)
@@ -45292,7 +45292,7 @@ CVE-2022-22492
 CVE-2022-22491
 	RESERVED
 CVE-2022-22490 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow  ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-22489
 	RESERVED
 CVE-2022-22488
@@ -45450,7 +45450,7 @@ CVE-2022-22413 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 is vul
 CVE-2022-22412 (IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow  ...)
 	NOT-FOR-US: IBM
 CVE-2022-22411 (IBM Spectrum Scale Data Access Services (DAS) 5.1.3.1 could allow an a ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-22410 (IBM Watson Query with Cloud Pak for Data as a Service could allow an a ...)
 	NOT-FOR-US: IBM
 CVE-2022-22409
@@ -45534,7 +45534,7 @@ CVE-2022-22371
 CVE-2022-22370 (IBM Security Verify Access 10.0.0.0, 10.0.1.0, 10.0.2.0, and 10.0.3.0  ...)
 	NOT-FOR-US: IBM
 CVE-2022-22369 (IBM Workload Scheduler 9.4 and 9.5 could allow a local user to overwri ...)
-	TODO: check
+	NOT-FOR-US: IBM
 CVE-2022-22368 (IBM Spectrum Scale 5.1.0 through 5.1.3.0 uses weaker than expected cry ...)
 	NOT-FOR-US: IBM
 CVE-2022-22367 (IBM UrbanCode Deploy (UCD) 6.2.7.15, 7.0.5.10, 7.1.2.6, and 7.2.2.1 co ...)
@@ -46557,7 +46557,7 @@ CVE-2022-0030
 CVE-2022-0029
 	RESERVED
 CVE-2022-0028 (A PAN-OS URL filtering policy misconfiguration could allow a network-b ...)
-	TODO: check
+	NOT-FOR-US: Palo Alto Networks
 CVE-2022-0027 (An improper authorization vulnerability in Palo Alto Network Cortex XS ...)
 	NOT-FOR-US: Palo Alto Networks software
 CVE-2022-0026 (A local privilege escalation (PE) vulnerability exists in Palo Alto Ne ...)
@@ -56912,7 +56912,7 @@ CVE-2022-20916 (A vulnerability in the web-based management interface of Cisco I
 CVE-2022-20915
 	RESERVED
 CVE-2022-20914 (A vulnerability in the External RESTful Services (ERS) API of Cisco Id ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20913 (A vulnerability in Cisco Nexus Dashboard could allow an authenticated, ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20912 (Multiple vulnerabilities in the web-based management interface of Cisc ...)
@@ -57002,13 +57002,13 @@ CVE-2022-20871
 CVE-2022-20870
 	RESERVED
 CVE-2022-20869 (A vulnerability in the web-based management interface of Cisco BroadWo ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20868
 	RESERVED
 CVE-2022-20867
 	RESERVED
 CVE-2022-20866 (A vulnerability in the handling of RSA keys on devices running Cisco A ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20865
 	RESERVED
 CVE-2022-20864
@@ -57036,7 +57036,7 @@ CVE-2022-20854
 CVE-2022-20853
 	RESERVED
 CVE-2022-20852 (Multiple vulnerabilities in the web interface of Cisco Webex Meetings  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20851
 	RESERVED
 CVE-2022-20850
@@ -57056,9 +57056,9 @@ CVE-2022-20844
 CVE-2022-20843
 	RESERVED
 CVE-2022-20842 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340,  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20841 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340,  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20840
 	RESERVED
 CVE-2022-20839
@@ -57086,7 +57086,7 @@ CVE-2022-20829 (A vulnerability in the packaging of Cisco Adaptive Security Devi
 CVE-2022-20828 (A vulnerability in the CLI parser of Cisco FirePOWER Software for Adap ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20827 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340,  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20826
 	RESERVED
 CVE-2022-20825 (A vulnerability in the web-based management interface of Cisco Small B ...)
@@ -57100,7 +57100,7 @@ CVE-2022-20822
 CVE-2022-20821 (A vulnerability in the health check RPM of Cisco IOS XR Software could ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20820 (Multiple vulnerabilities in the web interface of Cisco Webex Meetings  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20819 (A vulnerability in the web-based management interface of Cisco Identit ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20818
@@ -57108,7 +57108,7 @@ CVE-2022-20818
 CVE-2022-20817 (A vulnerability in Cisco Unified IP Phones could allow an unauthentica ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20816 (A vulnerability in the web-based management interface of Cisco Unified ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20815 (A vulnerability in the web-based management interface of Cisco Unified ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20814
@@ -57336,7 +57336,7 @@ CVE-2022-20715 (A vulnerability in the remote access SSL VPN features of Cisco A
 CVE-2022-20714 (A vulnerability in the data plane microcode of Lightspeed-Plus line ca ...)
 	NOT-FOR-US: Cisco
 CVE-2022-20713 (A vulnerability in the Clientless SSL VPN (WebVPN) component of Cisco  ...)
-	TODO: check
+	NOT-FOR-US: Cisco
 CVE-2022-20712 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340,  ...)
 	NOT-FOR-US: Cisco Small Business RV Series Routers
 CVE-2022-20711 (Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340,  ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b30bdb20f7d3d26b7db3055f1cacfb37a13d483b

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b30bdb20f7d3d26b7db3055f1cacfb37a13d483b
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220811/f44985e8/attachment.htm>

More information about the debian-security-tracker-commits mailing list