cvelist/2020/7xxx/CVE-2020-7825.json

{
    "CVE_data_meta": {
        "ASSIGNER": "vuln@krcert.or.kr",
        "DATE_PUBLIC": "2020-07-15T02:33:00.000Z",
        "ID": "CVE-2020-7825",
        "STATE": "PUBLIC"
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "TOBESOFT",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "MiPlatform 320, 320U, 330, 330U",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_value": "2019.05.16 and earlier versions"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "A vulnerability exists that could allow the execution of operating system commands on systems running MiPlatform 2019.05.16 and earlier. An attacker could execute arbitrary remote command by sending parameters to WinExec function in ExtCommandApi.dll module of MiPlatform."
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.0.9"
    },
    "impact": {
        "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
            "version": "3.1"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-78 OS Command Injection"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "CONFIRM",
                "name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35509",
                "url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35509"
            }
        ]
    },
    "source": {
        "discovery": "UNKNOWN"
    }
}
"-Synchronized-Data." 2020-01-22 14:01:07 +00:00			`{`
			`"CVE_data_meta": {`
"-Synchronized-Data." 2020-07-17 16:01:19 +00:00			`"ASSIGNER": "vuln@krcert.or.kr",`
			`"DATE_PUBLIC": "2020-07-15T02:33:00.000Z",`
"-Synchronized-Data." 2020-01-22 14:01:07 +00:00			`"ID": "CVE-2020-7825",`
"-Synchronized-Data." 2020-07-17 16:01:19 +00:00			`"STATE": "PUBLIC"`
"-Synchronized-Data." 2020-01-22 14:01:07 +00:00			`},`
"-Synchronized-Data." 2020-07-17 16:01:19 +00:00			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"vendor_name": "TOBESOFT",`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "MiPlatform 320, 320U, 330, 330U",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "2019.05.16 and earlier versions"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
"-Synchronized-Data." 2020-01-22 14:01:07 +00:00			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2020-07-17 16:01:19 +00:00			`"value": "A vulnerability exists that could allow the execution of operating system commands on systems running MiPlatform 2019.05.16 and earlier. An attacker could execute arbitrary remote command by sending parameters to WinExec function in ExtCommandApi.dll module of MiPlatform."`
			`}`
			`]`
			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.0.9"`
			`},`
			`"impact": {`
			`"cvss": {`
			`"attackComplexity": "LOW",`
			`"attackVector": "NETWORK",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 8.8,`
			`"baseSeverity": "HIGH",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"privilegesRequired": "NONE",`
			`"scope": "UNCHANGED",`
			`"userInteraction": "REQUIRED",`
			`"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",`
			`"version": "3.1"`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-78 OS Command Injection"`
			`}`
			`]`
"-Synchronized-Data." 2020-01-22 14:01:07 +00:00			`}`
			`]`
"-Synchronized-Data." 2020-07-17 16:01:19 +00:00			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"refsource": "CONFIRM",`
			`"name": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35509",`
			`"url": "https://www.boho.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=35509"`
			`}`
			`]`
			`},`
			`"source": {`
			`"discovery": "UNKNOWN"`
"-Synchronized-Data." 2020-01-22 14:01:07 +00:00			`}`
			`}`