cvelist/2020/7xxx/CVE-2020-7284.json

{
    "CVE_data_meta": {
        "ASSIGNER": "psirt@mcafee.com",
        "ID": "CVE-2020-7284",
        "STATE": "PUBLIC",
        "TITLE": "Network Security Management (NSM) - Exposure of Sensitive Information "
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Network Security Management (NSM)",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "<",
                                            "version_value": "10.1.7.7"
                                        }
                                    ]
                                }
                            }
                        ]
                    },
                    "vendor_name": "McAfee"
                }
            ]
        }
    },
    "data_format": "MITRE",
    "data_type": "CVE",
    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface (CLI)."
            }
        ]
    },
    "generator": {
        "engine": "Vulnogram 0.0.9"
    },
    "impact": {
        "cvss": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
            "version": "3.1"
        }
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-200 Information Exposure"
                    }
                ]
            }
        ]
    },
    "references": {
        "reference_data": [
            {
                "refsource": "MISC",
                "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10322",
                "name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10322"
            }
        ]
    },
    "source": {
        "advisory": "SB10322",
        "discovery": "EXTERNAL"
    }
}
"-Synchronized-Data." 2020-01-21 14:01:08 +00:00			`{`
			`"CVE_data_meta": {`
Update CVE-2020-7284.json 2020-07-03 13:37:54 -05:00			`"ASSIGNER": "psirt@mcafee.com",`
"-Synchronized-Data." 2020-01-21 14:01:08 +00:00			`"ID": "CVE-2020-7284",`
Update CVE-2020-7284.json 2020-07-03 13:37:54 -05:00			`"STATE": "PUBLIC",`
			`"TITLE": "Network Security Management (NSM) - Exposure of Sensitive Information "`
"-Synchronized-Data." 2020-01-21 14:01:08 +00:00			`},`
Update CVE-2020-7284.json 2020-07-03 13:37:54 -05:00			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Network Security Management (NSM)",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_affected": "<",`
			`"version_value": "10.1.7.7"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "McAfee"`
			`}`
			`]`
			`}`
			`},`
			`"data_format": "MITRE",`
			`"data_type": "CVE",`
			`"data_version": "4.0",`
"-Synchronized-Data." 2020-01-21 14:01:08 +00:00			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
"-Synchronized-Data." 2020-07-03 19:01:27 +00:00			`"value": "Exposure of Sensitive Information in McAfee Network Security Management (NSM) prior to 10.1.7.7 allows local users to gain unauthorised access to the root account via execution of carefully crafted commands from the restricted command line interface (CLI)."`
Update CVE-2020-7284.json 2020-07-03 13:37:54 -05:00			`}`
			`]`
			`},`
			`"generator": {`
			`"engine": "Vulnogram 0.0.9"`
			`},`
			`"impact": {`
			`"cvss": {`
			`"attackComplexity": "LOW",`
			`"attackVector": "LOCAL",`
			`"availabilityImpact": "HIGH",`
			`"baseScore": 8.6,`
			`"baseSeverity": "HIGH",`
			`"confidentialityImpact": "HIGH",`
			`"integrityImpact": "HIGH",`
			`"privilegesRequired": "NONE",`
			`"scope": "CHANGED",`
			`"userInteraction": "REQUIRED",`
			`"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",`
			`"version": "3.1"`
			`}`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "CWE-200 Information Exposure"`
			`}`
			`]`
"-Synchronized-Data." 2020-01-21 14:01:08 +00:00			`}`
			`]`
Update CVE-2020-7284.json 2020-07-03 13:37:54 -05:00			`},`
			`"references": {`
			`"reference_data": [`
			`{`
"-Synchronized-Data." 2020-07-03 19:01:27 +00:00			`"refsource": "MISC",`
			`"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10322",`
			`"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10322"`
Update CVE-2020-7284.json 2020-07-03 13:37:54 -05:00			`}`
			`]`
			`},`
			`"source": {`
			`"advisory": "SB10322",`
			`"discovery": "EXTERNAL"`
"-Synchronized-Data." 2020-01-21 14:01:08 +00:00			`}`
"-Synchronized-Data." 2020-07-03 19:01:27 +00:00			`}`