From 0765cf2883647ce4a3aee199fde4fa086837b1e7 Mon Sep 17 00:00:00 2001
From: CVE Team
Date: Wed, 21 Oct 2020 19:04:23 +0000
Subject: [PATCH] "-Synchronized-Data."
---
2018/11xxx/CVE-2018-11764.json | 58 +++++++++++++++++++++++++++----
2020/25xxx/CVE-2020-25820.json | 15 +++++---
2020/27xxx/CVE-2020-27601.json | 63 ++++------------------------------
2020/27xxx/CVE-2020-27602.json | 63 ++++------------------------------
2020/27xxx/CVE-2020-27603.json | 2 +-
2020/27xxx/CVE-2020-27605.json | 2 +-
2020/27xxx/CVE-2020-27606.json | 2 +-
2020/27xxx/CVE-2020-27607.json | 2 +-
2020/27xxx/CVE-2020-27608.json | 2 +-
2020/27xxx/CVE-2020-27609.json | 2 +-
2020/27xxx/CVE-2020-27610.json | 2 +-
2020/27xxx/CVE-2020-27611.json | 2 +-
2020/27xxx/CVE-2020-27612.json | 2 +-
2020/27xxx/CVE-2020-27613.json | 2 +-
2020/3xxx/CVE-2020-3299.json | 4 +--
2020/3xxx/CVE-2020-3436.json | 4 +--
2020/3xxx/CVE-2020-3455.json | 4 +--
2020/3xxx/CVE-2020-3456.json | 4 +--
2020/3xxx/CVE-2020-3457.json | 4 +--
2020/3xxx/CVE-2020-3458.json | 4 +--
2020/3xxx/CVE-2020-3459.json | 4 +--
2020/3xxx/CVE-2020-3515.json | 4 +--
2020/3xxx/CVE-2020-3528.json | 4 +--
2020/3xxx/CVE-2020-3529.json | 4 +--
2020/3xxx/CVE-2020-3533.json | 4 +--
2020/3xxx/CVE-2020-3549.json | 4 +--
2020/3xxx/CVE-2020-3550.json | 4 +--
2020/3xxx/CVE-2020-3553.json | 4 +--
28 files changed, 113 insertions(+), 162 deletions(-)
diff --git a/2018/11xxx/CVE-2018-11764.json b/2018/11xxx/CVE-2018-11764.json
index 80768240f35..c35b4ee1b45 100644
--- a/2018/11xxx/CVE-2018-11764.json
+++ b/2018/11xxx/CVE-2018-11764.json
@@ -1,17 +1,61 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2018-11764", - "STATE": "RESERVED" - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2018-11764", + "ASSIGNER": "security@apache.org", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Apache Hadoop", + "version": { + "version_data": [ + { + "version_value": "Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, 3.0.0" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Privilege Escalation" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://lists.apache.org/thread.html/r790ad0a049cde713b93589ecfd4dd2766fda0fc6807eedb6cf69f5c1%40%3Cgeneral.hadoop.apache.org%3E", + "url": "https://lists.apache.org/thread.html/r790ad0a049cde713b93589ecfd4dd2766fda0fc6807eedb6cf69f5c1%40%3Cgeneral.hadoop.apache.org%3E" + } + ] + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Web endpoint authentication check is broken in Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, and 3.0.0. Authenticated users may impersonate any user even if no proxy user is configured." } ] } diff --git a/2020/25xxx/CVE-2020-25820.json b/2020/25xxx/CVE-2020-25820.json index 8a3024c76b0..177341bf259 100644 --- a/2020/25xxx/CVE-2020-25820.json +++ b/2020/25xxx/CVE-2020-25820.json 
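Review bot: In the new CVE-2018-11764 record the `affects` block sets `"vendor_name": "n/a"` and puts the product name plus all three releases into a single string, `"version_value": "Apache Hadoop 3.0.0-alpha4, 3.0.0-beta1, 3.0.0"`. Inventory and scanner tooling that matches on the structured vendor/product/version fields rather than on the free-text description will not resolve this entry to any of the affected releases. The vendor field should name the vendor (the assigner here is security@apache.org), and `version_data` should carry one element per release, e.g. `{ "version_value": "3.0.0-alpha4" }`, `{ "version_value": "3.0.0-beta1" }`, `{ "version_value": "3.0.0" }`. The `problemtype` value "Privilege Escalation" is also broader than the description, which is specifically about a broken authentication check that permits user impersonation.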
@@ -57,11 +57,6 @@ "refsource": "MISC", "name": "https://www.redteam-pentesting.de/advisories/rt-sa-2020-005" }, - { - "url": "https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.6...v2.2.7", - "refsource": "MISC", - "name": "https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.6...v2.2.7" - }, { "url": "https://www.golem.de/news/big-blue-button-das-grosse-blaue-sicherheitsrisiko-2010-151610.html", "refsource": "MISC", @@ -71,6 +66,16 @@ "refsource": "MISC", "name": "http://packetstormsecurity.com/files/159667/BigBlueButton-2.2.25-File-Disclosure-Server-Side-Request-Forgery.html", "url": "http://packetstormsecurity.com/files/159667/BigBlueButton-2.2.25-File-Disclosure-Server-Side-Request-Forgery.html" + }, + { + "refsource": "MISC", + "name": "https://github.com/bigbluebutton/bigbluebutton/commit/71fe1eac1e5bd73a2cd44bd79c001086b250e435", + "url": "https://github.com/bigbluebutton/bigbluebutton/commit/71fe1eac1e5bd73a2cd44bd79c001086b250e435" + }, + { + "refsource": "MISC", + "name": "https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.26...v2.2.27", + "url": "https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.26...v2.2.27" } ] } diff --git a/2020/27xxx/CVE-2020-27601.json b/2020/27xxx/CVE-2020-27601.json index 347ec7a7a6c..51e3f0884de 100644 --- a/2020/27xxx/CVE-2020-27601.json +++ b/2020/27xxx/CVE-2020-27601.json 
@@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-27601", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27601", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "In BigBlueButton before 2.2.7, lockSettingsProps.disablePrivateChat does not apply to already opened chats. This occurs in bigbluebutton-html5/imports/ui/components/chat/service.js." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.6...v2.2.7", - "refsource": "MISC", - "name": "https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.6...v2.2.7" - }, - { - "url": "https://github.com/bigbluebutton/bigbluebutton/commit/7dcdfb191373684bafa7b11cdd0128c9869040a1", - "refsource": "MISC", - "name": "https://github.com/bigbluebutton/bigbluebutton/commit/7dcdfb191373684bafa7b11cdd0128c9869040a1" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/27xxx/CVE-2020-27602.json b/2020/27xxx/CVE-2020-27602.json index a86af756a71..3d6f2c4b888 100644 --- a/2020/27xxx/CVE-2020-27602.json +++ b/2020/27xxx/CVE-2020-27602.json 
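Review bot: CVE-2020-27601 moves from `"STATE": "PUBLIC"` back to `"STATE": "RESERVED"` in this hunk, and the published description and both references are deleted; the hunk for CVE-2020-27602 in the next file does the same. The commit subject ("-Synchronized-Data.") gives no reason, so anyone who already mirrored the earlier record cannot tell whether the issue was withdrawn, folded into another ID, or pulled back for correction. The removed text said "before 2.2.7" while sibling records in this commit are corrected to 2.2.27, which suggests a pull-back for correction, but that is an inference from the diff. If the IDs were withdrawn, a rejection entry whose description states the reason and the replacing ID would keep the history traceable; if this is a temporary rollback, the commit message should say so.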
@@ -1,66 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-27602", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-27602", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, "description": { "description_data": [ { "lang": "eng", - "value": "BigBlueButton before 2.2.7 does not have a protection mechanism for separator injection in meetingId, userId, and authToken." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "url": "https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.6...v2.2.7", - "refsource": "MISC", - "name": "https://github.com/bigbluebutton/bigbluebutton/compare/v2.2.6...v2.2.7" - }, - { - "url": "https://github.com/bigbluebutton/bigbluebutton/commit/4bfd924c64da2681f4c037026021f47eb189d717", - "refsource": "MISC", - "name": "https://github.com/bigbluebutton/bigbluebutton/commit/4bfd924c64da2681f4c037026021f47eb189d717" + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." } ] } diff --git a/2020/27xxx/CVE-2020-27603.json b/2020/27xxx/CVE-2020-27603.json index fc9f4bba83c..d210fc600a5 100644 --- a/2020/27xxx/CVE-2020-27603.json +++ b/2020/27xxx/CVE-2020-27603.json 
@@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "BigBlueButton before 2.2.7 has an unsafe JODConverter setting in which LibreOffice document conversions can access external files." + "value": "BigBlueButton before 2.2.27 has an unsafe JODConverter setting in which LibreOffice document conversions can access external files." } ] }, diff --git a/2020/27xxx/CVE-2020-27605.json b/2020/27xxx/CVE-2020-27605.json index 3432f7a37d7..641c164217f 100644 --- a/2020/27xxx/CVE-2020-27605.json +++ b/2020/27xxx/CVE-2020-27605.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "BigBlueButton through 2.2.8 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a \"schwache Sandbox.\"" + "value": "BigBlueButton through 2.2.28 uses Ghostscript for processing of uploaded EPS documents, and consequently may be subject to attacks related to a \"schwache Sandbox.\"" } ] }, diff --git a/2020/27xxx/CVE-2020-27606.json b/2020/27xxx/CVE-2020-27606.json index f7d818e3929..92ba07a48cc 100644 --- a/2020/27xxx/CVE-2020-27606.json +++ b/2020/27xxx/CVE-2020-27606.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "BigBlueButton before 2.2.8 (or earlier) does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session." + "value": "BigBlueButton before 2.2.28 (or earlier) does not set the secure flag for the session cookie in an https session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an http session." } ] }, diff --git a/2020/27xxx/CVE-2020-27607.json b/2020/27xxx/CVE-2020-27607.json index 56f6f6260c7..7253bd84675 100644 --- a/2020/27xxx/CVE-2020-27607.json +++ b/2020/27xxx/CVE-2020-27607.json 
@@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "In BigBlueButton before 2.2.8 (or earlier), the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to stop sending audio data to the server, and thus a modified server could store the audio data and/or transmit it to one or more meeting participants or other third parties." + "value": "In BigBlueButton before 2.2.28 (or earlier), the client-side Mute button only signifies that the server should stop accepting audio data from the client. It does not directly configure the client to stop sending audio data to the server, and thus a modified server could store the audio data and/or transmit it to one or more meeting participants or other third parties." } ] }, diff --git a/2020/27xxx/CVE-2020-27608.json b/2020/27xxx/CVE-2020-27608.json index f45778c9bfd..2e7831b109d 100644 --- a/2020/27xxx/CVE-2020-27608.json +++ b/2020/27xxx/CVE-2020-27608.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "In BigBlueButton before 2.2.8 (or earlier), uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document." + "value": "In BigBlueButton before 2.2.28 (or earlier), uploaded presentations are sent to clients without a Content-Type header, which allows XSS, as demonstrated by a .png file extension for an HTML document." } ] }, diff --git a/2020/27xxx/CVE-2020-27609.json b/2020/27xxx/CVE-2020-27609.json index b5e7de5c028..f241debb1df 100644 --- a/2020/27xxx/CVE-2020-27609.json +++ b/2020/27xxx/CVE-2020-27609.json 
@@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "BigBlueButton through 2.2.8 records a video meeting despite the deactivation of video recording in the user interface. This may result in data storage beyond what is authorized for a specific meeting topic or participant." + "value": "BigBlueButton through 2.2.28 records a video meeting despite the deactivation of video recording in the user interface. This may result in data storage beyond what is authorized for a specific meeting topic or participant." } ] }, diff --git a/2020/27xxx/CVE-2020-27610.json b/2020/27xxx/CVE-2020-27610.json index 78a4af437e3..0ab054267db 100644 --- a/2020/27xxx/CVE-2020-27610.json +++ b/2020/27xxx/CVE-2020-27610.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "The installation procedure in BigBlueButton before 2.2.8 (or earlier) exposes certain network services to external interfaces, and does not automatically set up a firewall configuration to block external access." + "value": "The installation procedure in BigBlueButton before 2.2.28 (or earlier) exposes certain network services to external interfaces, and does not automatically set up a firewall configuration to block external access." } ] }, diff --git a/2020/27xxx/CVE-2020-27611.json b/2020/27xxx/CVE-2020-27611.json index e9336b686f9..ac1962484a2 100644 --- a/2020/27xxx/CVE-2020-27611.json +++ b/2020/27xxx/CVE-2020-27611.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "BigBlueButton through 2.2.8 uses STUN/TURN resources from a third party, which may represent an unintended endpoint." + "value": "BigBlueButton through 2.2.28 uses STUN/TURN resources from a third party, which may represent an unintended endpoint." } ] }, diff --git a/2020/27xxx/CVE-2020-27612.json b/2020/27xxx/CVE-2020-27612.json index d767aa9fffc..91505bf5f6a 100644 --- a/2020/27xxx/CVE-2020-27612.json +++ b/2020/27xxx/CVE-2020-27612.json 
@@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Greenlight in BigBlueButton through 2.2.8 places usernames in room URLs, which may represent an unintended information leak to users in a room, or an information leak to outsiders if any user publishes a screenshot of a browser window." + "value": "Greenlight in BigBlueButton through 2.2.28 places usernames in room URLs, which may represent an unintended information leak to users in a room, or an information leak to outsiders if any user publishes a screenshot of a browser window." } ] }, diff --git a/2020/27xxx/CVE-2020-27613.json b/2020/27xxx/CVE-2020-27613.json index 2e5ec6fa1ff..80bcd3ae72e 100644 --- a/2020/27xxx/CVE-2020-27613.json +++ b/2020/27xxx/CVE-2020-27613.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "The installation procedure in BigBlueButton before 2.2.8 (or earlier) uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access." + "value": "The installation procedure in BigBlueButton before 2.2.28 (or earlier) uses ClueCon as the FreeSWITCH password, which allows local users to achieve unintended FreeSWITCH access." } ] }, diff --git a/2020/3xxx/CVE-2020-3299.json b/2020/3xxx/CVE-2020-3299.json index c8a48213dc2..227f35f20fc 100644 --- a/2020/3xxx/CVE-2020-3299.json +++ b/2020/3xxx/CVE-2020-3299.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP.\r The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload.\r " + "value": "Multiple Cisco products are affected by a vulnerability in the Snort detection engine that could allow an unauthenticated, remote attacker to bypass a configured File Policy for HTTP. The vulnerability is due to incorrect detection of modified HTTP packets used in chunked responses. An attacker could exploit this vulnerability by sending crafted HTTP packets through an affected device. A successful exploit could allow the attacker to bypass a configured File Policy for HTTP packets and deliver a malicious payload." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3436.json b/2020/3xxx/CVE-2020-3436.json index 8f0864cffd9..ee034d65e8f 100644 --- a/2020/3xxx/CVE-2020-3436.json +++ b/2020/3xxx/CVE-2020-3436.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload.\r The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition.\r " + "value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to upload arbitrary-sized files to specific folders on an affected device, which could lead to an unexpected device reload. The vulnerability exists because the affected software does not efficiently handle the writing of large files to specific folders on the local file system. An attacker could exploit this vulnerability by uploading files to those specific folders. A successful exploit could allow the attacker to write a file that triggers a watchdog timeout, which would cause the device to unexpectedly reload, causing a denial of service (DoS) condition." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3455.json b/2020/3xxx/CVE-2020-3455.json index 946e21dca86..3e1ed1192ff 100644 --- a/2020/3xxx/CVE-2020-3455.json +++ b/2020/3xxx/CVE-2020-3455.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. \r The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots.\r " + "value": "A vulnerability in the secure boot process of Cisco FXOS Software could allow an authenticated, local attacker to bypass the secure boot mechanisms. The vulnerability is due to insufficient protections of the secure boot process. An attacker could exploit this vulnerability by injecting code into a specific file that is then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device which would be executed at each boot and maintain persistence across reboots." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3456.json b/2020/3xxx/CVE-2020-3456.json index fd42ee009d5..cefa761845c 100644 --- a/2020/3xxx/CVE-2020-3456.json +++ b/2020/3xxx/CVE-2020-3456.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device. \r The vulnerability is due to insufficient CSRF protections for the FCM interface. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could take unauthorized actions on behalf of the targeted user.\r " + "value": "A vulnerability in the Cisco Firepower Chassis Manager (FCM) of Cisco FXOS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected device. The vulnerability is due to insufficient CSRF protections for the FCM interface. An attacker could exploit this vulnerability by persuading a targeted user to click a malicious link. A successful exploit could allow the attacker to send arbitrary requests that could take unauthorized actions on behalf of the targeted user." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3457.json b/2020/3xxx/CVE-2020-3457.json index f3fe1292acc..a48780d34ab 100644 --- a/2020/3xxx/CVE-2020-3457.json +++ b/2020/3xxx/CVE-2020-3457.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.\r The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.\r " + "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3458.json b/2020/3xxx/CVE-2020-3458.json index 660370ceba5..cdfe3ccfd18 100644 --- a/2020/3xxx/CVE-2020-3458.json +++ b/2020/3xxx/CVE-2020-3458.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. \r The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots.\r " + "value": "Multiple vulnerabilities in the secure boot process of Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software for the Firepower 1000 Series and Firepower 2100 Series Appliances could allow an authenticated, local attacker to bypass the secure boot mechanism. The vulnerabilities are due to insufficient protections of the secure boot process. An attacker could exploit these vulnerabilities by injecting code into specific files that are then referenced during the device boot process. A successful exploit could allow the attacker to break the chain of trust and inject code into the boot process of the device, which would be executed at each boot and maintain persistence across reboots." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3459.json b/2020/3xxx/CVE-2020-3459.json index 74a8f76750c..37c61df2718 100644 --- a/2020/3xxx/CVE-2020-3459.json +++ b/2020/3xxx/CVE-2020-3459.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges.\r The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges.\r " + "value": "A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of commands supplied by the user. An attacker could exploit this vulnerability by authenticating to a device and submitting crafted input to the affected command. A successful exploit could allow the attacker to execute commands on the underlying operating system with root privileges." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3515.json b/2020/3xxx/CVE-2020-3515.json index 8ce1abb0cb1..1b1b458b64c 100644 --- a/2020/3xxx/CVE-2020-3515.json +++ b/2020/3xxx/CVE-2020-3515.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.\r " + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3528.json b/2020/3xxx/CVE-2020-3528.json index 32a59843e29..140662e1580 100644 --- a/2020/3xxx/CVE-2020-3528.json +++ b/2020/3xxx/CVE-2020-3528.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.\r The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition.\r " + "value": "A vulnerability in the OSPF Version 2 (OSPFv2) implementation of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incomplete input validation when the affected software processes certain OSPFv2 packets with Link-Local Signaling (LLS) data. An attacker could exploit this vulnerability by sending a malformed OSPFv2 packet to an affected device. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3529.json b/2020/3xxx/CVE-2020-3529.json index 7df0d291b1a..2113e8d61c3 100644 --- a/2020/3xxx/CVE-2020-3529.json +++ b/2020/3xxx/CVE-2020-3529.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition.\r The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition.\r " + "value": "A vulnerability in the SSL VPN negotiation process for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to inefficient direct memory access (DMA) memory management during the negotiation phase of an SSL VPN connection. An attacker could exploit this vulnerability by sending a steady stream of crafted Datagram TLS (DTLS) traffic to an affected device. A successful exploit could allow the attacker to exhaust DMA memory on the device and cause a DoS condition." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3533.json b/2020/3xxx/CVE-2020-3533.json index 5c519171d91..fcfbb86299e 100644 --- a/2020/3xxx/CVE-2020-3533.json +++ b/2020/3xxx/CVE-2020-3533.json 
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly.\r The vulnerability is due to a lack of sufficient memory management protections under heavy SNMP polling loads. An attacker could exploit this vulnerability by sending a high rate of SNMP requests to the SNMP daemon through the management interface on an affected device. A successful exploit could allow the attacker to cause the SNMP daemon process to consume a large amount of system memory over time, which could then lead to an unexpected device restart, causing a denial of service (DoS) condition.\r This vulnerability affects all versions of SNMP.\r " + "value": "A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to restart unexpectedly. The vulnerability is due to a lack of sufficient memory management protections under heavy SNMP polling loads. An attacker could exploit this vulnerability by sending a high rate of SNMP requests to the SNMP daemon through the management interface on an affected device. A successful exploit could allow the attacker to cause the SNMP daemon process to consume a large amount of system memory over time, which could then lead to an unexpected device restart, causing a denial of service (DoS) condition. This vulnerability affects all versions of SNMP." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3549.json b/2020/3xxx/CVE-2020-3549.json index 912f8288909..9f3191cec0f 100644 --- a/2020/3xxx/CVE-2020-3549.json +++ b/2020/3xxx/CVE-2020-3549.json 
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash.\r The vulnerability is due to insufficient sftunnel negotiation protection during initial device registration. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a specific flow of the sftunnel communication between an FMC device and an FTD device. A successful exploit could allow the attacker to decrypt and modify the sftunnel communication between FMC and FTD devices, allowing the attacker to modify configuration data sent from an FMC device to an FTD device or alert data sent from an FTD device to an FMC device.\r "
+ "value": "A vulnerability in the sftunnel functionality of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to obtain the device registration hash. The vulnerability is due to insufficient sftunnel negotiation protection during initial device registration. An attacker in a man-in-the-middle position could exploit this vulnerability by intercepting a specific flow of the sftunnel communication between an FMC device and an FTD device. A successful exploit could allow the attacker to decrypt and modify the sftunnel communication between FMC and FTD devices, allowing the attacker to modify configuration data sent from an FMC device to an FTD device or alert data sent from an FTD device to an FMC device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3550.json b/2020/3xxx/CVE-2020-3550.json
index a06b75df192..2c991a7f92c 100644
--- a/2020/3xxx/CVE-2020-3550.json
+++ b/2020/3xxx/CVE-2020-3550.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path.\r The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device.\r "
+ "value": "A vulnerability in the sfmgr daemon of Cisco Firepower Management Center (FMC) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to perform directory traversal and access directories outside the restricted path. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a relative path in specific sfmgr commands. An exploit could allow the attacker to read or write arbitrary files on an sftunnel-connected peer device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3553.json b/2020/3xxx/CVE-2020-3553.json
index 78353d6e8fd..0b2c5756864 100644
--- a/2020/3xxx/CVE-2020-3553.json
+++ b/2020/3xxx/CVE-2020-3553.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface.\r These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information.\r "
+ "value": "Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information."
 }
 ]
 },
@@ -84,4 +84,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file