{"vulnerability": "CVE-2021-3594", "sightings": [{"uuid": "a34c940f-9b17-44fe-aea0-e9a182dd3e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35941", "type": "seen", "source": "MISP/77e2575f-4cc0-4fca-b80d-42378757e3d2", "content": "", "creation_timestamp": "2024-11-14T06:09:09.000000Z"}, {"uuid": "20210de9-7763-41ce-9134-a3c89a7f4c82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2021-35942", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0287/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "598115da-cfa9-4f72-9db7-b6ee09fd94a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35943", "type": "seen", "source": "https://t.me/cibsecurity/29685", "content": "\u203c CVE-2021-35943 \u203c\n\nCouchbase Server 6.5.x and 6.6.x through 6.6.2 has Incorrect Access Control. Externally managed users are not prevented from using an empty password, per RFC4513.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-30T00:37:12.000000Z"}, {"uuid": "ac596169-a23f-42ae-9098-fa5f0604f382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35945", "type": "seen", "source": "https://t.me/cibsecurity/29686", "content": "\u203c CVE-2021-35945 \u203c\n\nCouchbase Server 6.5.x, 6.6.0 through 6.6.2, and 7.0.0, has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-30T00:37:13.000000Z"}, {"uuid": "81f35ec8-fe27-4ec2-8b98-d7bd6a97a5bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35944", "type": "seen", "source": "https://t.me/cibsecurity/29683", "content": "\u203c CVE-2021-35944 \u203c\n\nCouchbase Server 6.5.x, 6.6.x through 6.6.2, and 7.0.0 has a Buffer Overflow. A specially crafted network packet sent from an attacker can crash memcached.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-30T00:37:10.000000Z"}, {"uuid": "aae4a739-5b3a-4393-8506-86a2575c8d64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35949", "type": "seen", "source": "https://t.me/cibsecurity/28383", "content": "\u203c CVE-2021-35949 \u203c\n\nThe shareinfo controller in the ownCloud Server before 10.8.0 allows an attacker to bypass the permission checks for upload only shares and list metadata about the share.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-07T22:22:46.000000Z"}, {"uuid": "6af6a01b-0a67-4e9e-a188-486b4705fb3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35948", "type": "seen", "source": "https://t.me/cibsecurity/28394", "content": "\u203c CVE-2021-35948 \u203c\n\nSession fixation on password protected public links in the ownCloud Server before 10.8.0 allows an attacker to bypass the password protection when they can force a target client to use a controlled cookie.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-08T00:22:53.000000Z"}, {"uuid": "e9e15775-5704-4501-b16d-c8807678ca91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35946", "type": "seen", "source": "https://t.me/cibsecurity/28388", "content": "\u203c CVE-2021-35946 \u203c\n\nA receiver of a federated share with access to the database with ownCloud version before 10.8 could update the permissions and therefore elevate their own permissions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-08T00:22:47.000000Z"}, {"uuid": "8e1659c6-b24d-464b-90e6-cba7649166d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35947", "type": "seen", "source": "https://t.me/cibsecurity/28380", "content": "\u203c CVE-2021-35947 \u203c\n\nThe public share controller in the ownCloud server before version 10.8.0 allows a remote attacker to see the internal path and the username of a public share by including invalid characters in the URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-07T22:22:42.000000Z"}, {"uuid": "d002fa22-4b3e-4643-b876-771de92cf389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35941", "type": "exploited", "source": "https://t.me/SecLabNews/10479", "content": "\u0412 \u043c\u0430\u0441\u0441\u043e\u0432\u043e\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u0438\u0438 \u0434\u0430\u043d\u043d\u044b\u0445 \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Digital My Book \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Western Digital \u043f\u043e\u0432\u0438\u043d\u043d\u0430 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0441\u0442\u0430\u0440\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2018-18472, \u043a\u0430\u043a \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0443\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u043b\n \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044c, \u043d\u043e \u0438 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0432\u0448\u0430\u044f\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f, \u043f\u043e\u043b\u0443\u0447\u0438\u0432\u0448\u0430\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440 CVE-2021-35941, \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0441\u0431\u0440\u043e\u0441\u0438\u0442\u044c \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u0430\u0442\u0430\u043a\u0443\u0435\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0431\u0435\u0437 \u043f\u0430\u0440\u043e\u043b\u044f. \u0411\u043e\u043b\u0435\u0435 \u0442\u043e\u0433\u043e, \u0441\u0443\u0434\u044f \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u043a\u043e\u0434\u0443, \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a Western Digital \u0441\u0430\u043c \u0443\u0434\u0430\u043b\u0438\u043b \u043a\u043e\u0434, \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u0432\u0448\u0438\u0439 \u0432\u0432\u0435\u0434\u0435\u043d\u0438\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0430\u0440\u043e\u043b\u044f \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u043f\u0435\u0440\u0435\u0434 \u0441\u0431\u0440\u043e\u0441\u043e\u043c \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u0434\u043e \u0437\u0430\u0432\u043e\u0434\u0441\u043a\u0438\u0445.\n\n \n\nhttps://www.securitylab.ru/news/521752.php", "creation_timestamp": "2021-06-30T09:10:02.000000Z"}]}