Auto Generated CVE annotations [Mon Sep 5 11:04:01 UTC 2022] 🤖

cves/2021/CVE-2021-35380.yaml

@@ -11,8 +11,11 @@ info:
     - https://www.exploit-db.com/exploits/50638
     - https://nvd.nist.gov/vuln/detail/CVE-2021-35380
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
+    cvss-score: 7.5
     cve-id: CVE-2021-35380
-  tags: cve,cve2022,termtalk,lfi,unauth,lfr
+    cwe-id: CWE-22
+  tags: cve,cve2022,termtalk,lfi,unauth,lfr,edb
 
 requests:
   - method: GET

cves/2022/CVE-2022-35405.yaml

@@ -10,11 +10,14 @@ info:
     - https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/zoho_password_manager_pro_xml_rpc_rce.rb
     - https://xz.aliyun.com/t/11578
     - https://nvd.nist.gov/vuln/detail/CVE-2022-35405
+    - https://www.manageengine.com/products/passwordmanagerpro/advisory/cve-2022-35405.html
   classification:
+    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
+    cvss-score: 9.8
     cve-id: CVE-2022-35405
   metadata:
     shodan-query: http.title:"ManageEngine Password"
-  tags: cve,cve2022,rce,zoho,passwordmanager,deserialization,unauth
+  tags: cve,cve2022,rce,zoho,passwordmanager,deserialization,unauth,msf
 
 requests:
   - raw: