Azure-Sentinel/Sample Data/Custom/Group IB TIA/GIBTIA_osi_vulnerability.json

{
    "affectedSoftware": [],
    "bulletinFamily": "NVD",
    "cpe": [
        "cpe:2.3:a:wqert:wqert:12.10.2:*:*:*:*:*:*:*"
    ],
    "cpeTable": [
        {
            "type": "software",
            "vendor": "wqert",
            "product": "wqert",
            "version": "12.10.2",
            "string": "cpe:/a:wqert:wqert:12.10.2",
            "string23": "cpe:2.3:a:wqert:wqert:12.10.2:*:*:*:*:*:*:*"
        }
    ],
    "cveList": null,
    "cvss": {
        "score": 4.0,
        "vector": "AV:N/AC:L/AU:S/CI:N/II:P/AI:N/E:X/RL:X/RC:X"
    },
    "dateLastSeen": "2021-01-20T12:38:06+03:00",
    "dateModified": "2021-01-20T04:15:00+03:00",
    "datePublished": "2021-01-20T04:15:00+03:00",
    "description": "XWiki 12.10.2 allows XSS via an SVG document to the upload feature of the comment section.",
    "displayOptions": {
        "isFavourite": false,
        "isHidden": false
    },
    "evaluation": {
        "admiraltyCode": "A1",
        "credibility": 100,
        "reliability": 100,
        "severity": "green",
        "tlp": "green",
        "ttl": 30
    },
    "exploitCount": 0,
    "exploitList": [],
    "extCvss": {
        "base": 3.5,
        "environmental": 0.0,
        "exploitability": 2.1000000000000001,
        "impact": 1.5,
        "mImpact": 0.0,
        "overall": 3.5,
        "temporal": 3.5,
        "vector": "AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N/E:X/RL:X/RC:X"
    },
    "extDescription": "A vulnerability, which was classified as problematic, has been found in XWiki 12.10.2 (Content Management System). This issue affects some unknown functionality of the component SVG Document Handler. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.",
    "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-3137",
    "id": "CVE-2021-3137",
    "lastseen": "2021-01-20T12:38:06+03:00",
    "portalLink": "https://bt.group-ib.com/osi/vulnerabilities?searchValue=id:CVE-2021-3137",
    "provider": "vulners.com",
    "references": [
        "https://www.exploit-db.com/exploits/49437"
    ],
    "reporter": "sanitized@sanitized.com",
    "seqUpdate": 16111508458231,
    "softwareMixed": [
        {
            "arch": [],
            "hardware": null,
            "hardwareVendor": null,
            "hardwareVersion": null,
            "os": null,
            "osVendor": null,
            "osVersion": null,
            "rel": {
                "93080479697c9f5396d724943fa52c0e19d6d7f3f0063cb5392d33a7e41c2c44": "cpe:/a:xwiki:xwiki:12.10.2"
            },
            "softwareFileName": null,
            "softwareName": [
                "xwiki"
            ],
            "softwareType": [
                "*"
            ],
            "softwareVersion": [
                "12.10.2"
            ],
            "softwareVersionString": "12.10.2",
            "vendor": "xwiki",
            "versionOperator": null
        }
    ],
    "threats": [],
    "threatsList": [],
    "timeLineData": [],
    "title": "CVE-2021-3137",
    "type": "cve"
}