1 changes (1 new | 0 updated):

      - 1 new CVEs:  CVE-2024-21984
      - 0 updated CVEs:

cves/2024/21xxx/CVE-2024-21984.json

@@ -0,0 +1,100 @@
+{
+    "dataType": "CVE_RECORD",
+    "dataVersion": "5.0",
+    "cveMetadata": {
+        "cveId": "CVE-2024-21984",
+        "assignerOrgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
+        "state": "PUBLISHED",
+        "assignerShortName": "netapp",
+        "dateReserved": "2024-01-03T19:45:25.346Z",
+        "datePublished": "2024-02-16T22:37:47.580Z",
+        "dateUpdated": "2024-02-16T22:37:47.580Z"
+    },
+    "containers": {
+        "cna": {
+            "affected": [
+                {
+                    "defaultStatus": "unaffected",
+                    "product": "StorageGRID",
+                    "vendor": "NetApp",
+                    "versions": [
+                        {
+                            "lessThan": "11.8",
+                            "status": "affected",
+                            "version": "0",
+                            "versionType": "general availability"
+                        }
+                    ]
+                }
+            ],
+            "descriptions": [
+                {
+                    "lang": "en",
+                    "supportingMedia": [
+                        {
+                            "base64": false,
+                            "type": "text/html",
+                            "value": "StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 \nare susceptible to a difficult to exploit Reflected Cross-Site Scripting\n (XSS) vulnerability. Successful exploit requires the attacker to know \nspecific information about the target instance and trick a privileged \nuser into clicking a specially crafted link. This could allow the \nattacker to view or modify configuration settings or add or modify user \naccounts. \n\n\n\n\n"
+                        }
+                    ],
+                    "value": "StorageGRID (formerly StorageGRID Webscale) versions prior to 11.8 \nare susceptible to a difficult to exploit Reflected Cross-Site Scripting\n (XSS) vulnerability. Successful exploit requires the attacker to know \nspecific information about the target instance and trick a privileged \nuser into clicking a specially crafted link. This could allow the \nattacker to view or modify configuration settings or add or modify user \naccounts. \n\n\n\n\n"
+                }
+            ],
+            "metrics": [
+                {
+                    "cvssV3_1": {
+                        "attackComplexity": "HIGH",
+                        "attackVector": "NETWORK",
+                        "availabilityImpact": "NONE",
+                        "baseScore": 5.9,
+                        "baseSeverity": "MEDIUM",
+                        "confidentialityImpact": "LOW",
+                        "integrityImpact": "HIGH",
+                        "privilegesRequired": "NONE",
+                        "scope": "UNCHANGED",
+                        "userInteraction": "REQUIRED",
+                        "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:H/A:N",
+                        "version": "3.1"
+                    },
+                    "format": "CVSS",
+                    "scenarios": [
+                        {
+                            "lang": "en",
+                            "value": "GENERAL"
+                        }
+                    ]
+                }
+            ],
+            "problemTypes": [
+                {
+                    "descriptions": [
+                        {
+                            "cweId": "CWE-79",
+                            "description": "CWE-79",
+                            "lang": "en",
+                            "type": "CWE"
+                        }
+                    ]
+                }
+            ],
+            "providerMetadata": {
+                "orgId": "11fdca00-0482-4c88-a206-37f9c182c87d",
+                "shortName": "netapp",
+                "dateUpdated": "2024-02-16T22:37:47.580Z"
+            },
+            "references": [
+                {
+                    "url": "https://security.netapp.com/advisory/ntap-20240216-0013/"
+                }
+            ],
+            "source": {
+                "advisory": "NTAP-20240216-0013",
+                "discovery": "UNKNOWN"
+            },
+            "title": "Reflected Cross-Site Scripting Vulnerability in StorageGRID (formerly StorageGRID Webscale)",
+            "x_generator": {
+                "engine": "Vulnogram 0.1.0-dev"
+            }
+        }
+    }
+}

cves/delta.json

@@ -1,12 +1,12 @@
 {
-  "fetchTime": "2024-02-16T22:35:26.859Z",
+  "fetchTime": "2024-02-16T22:41:00.519Z",
   "numberOfChanges": 1,
   "new": [
     {
-      "cveId": "CVE-2024-21983",
-      "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-21983",
-      "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/21xxx/CVE-2024-21983.json",
-      "dateUpdated": "2024-02-16T22:35:02.365Z"
+      "cveId": "CVE-2024-21984",
+      "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-21984",
+      "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/21xxx/CVE-2024-21984.json",
+      "dateUpdated": "2024-02-16T22:37:47.580Z"
     }
   ],
   "updated": [],

cves/deltaLog.json

@@ -1,4 +1,18 @@
 [
+  {
+    "fetchTime": "2024-02-16T22:41:00.519Z",
+    "numberOfChanges": 1,
+    "new": [
+      {
+        "cveId": "CVE-2024-21984",
+        "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-21984",
+        "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/21xxx/CVE-2024-21984.json",
+        "dateUpdated": "2024-02-16T22:37:47.580Z"
+      }
+    ],
+    "updated": [],
+    "error": []
+  },
   {
     "fetchTime": "2024-02-16T22:35:26.859Z",
     "numberOfChanges": 1,