"-Synchronized-Data."

2025-06-21 05:40:25 +00:00 · 2020-10-19 19:02:54 +00:00 · 2020-10-19 19:02:54 +00:00 · 05cb4dda84
commit 05cb4dda84
parent abeda33bb7
2 changed files with 56 additions and 7 deletions
--- a/2020/11xxx/CVE-2020-11496.json
+++ b/2020/11xxx/CVE-2020-11496.json
@ -1,17 +1,61 @@
 {
-    "data_type": "CVE",
-    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
-        "ID": "CVE-2020-11496",
        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ID": "CVE-2020-11496",
+        "STATE": "PUBLIC"
    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "n/a",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "n/a"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    },
+                    "vendor_name": "n/a"
+                }
+            ]
+        }
+    },
+    "data_format": "MITRE",
+    "data_type": "CVE",
+    "data_version": "4.0",
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "Sprecher SPRECON-E firmware prior to 8.64b might allow local attackers with access to engineering data to insert arbitrary code. This firmware lacks the validation of the input values on the device side, which is provided by the engineering software during parameterization. Attackers with access to local configuration files can therefore insert malicious commands that are executed after compiling them to valid parameter files (\u201cPDLs\u201d), transferring them to the device, and restarting the device."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "n/a"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "CONFIRM",
+                "name": "https://www.sprecher-automation.com/en/it-security/",
+                "url": "https://www.sprecher-automation.com/en/it-security/"
            }
        ]
    }
--- a/2020/16xxx/CVE-2020-16270.json
+++ b/2020/16xxx/CVE-2020-16270.json
@ -34,7 +34,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "OLIMPOKS before 5.1.0 allows Auth/Admin ErrorMessage XSS."
+                "value": "OLIMPOKS under 3.3.39 allows Auth/Admin ErrorMessage XSS. Remote Attacker can use discovered vulnerability to inject malicious JavaScript payload to victim\u2019s browsers in context of vulnerable applications. Executed code can be used to steal administrator\u2019s cookies, influence HTML content of targeted application and perform phishing-related attacks. Vulnerable application used in more than 3000 organizations in different sectors from retail to industries."
            }
        ]
    },
@ -61,6 +61,11 @@
                "refsource": "MISC",
                "name": "https://bdu.fstec.ru/vul/2020-04623",
                "url": "https://bdu.fstec.ru/vul/2020-04623"
+            },
+            {
+                "refsource": "MISC",
+                "name": "https://github.com/Security-AVS/CVE-2020-16270",
+                "url": "https://github.com/Security-AVS/CVE-2020-16270"
            }
        ]
    }