From 096d13ee07ddbc89571794bf8c005e1cd417bf97 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 12 Aug 2020 17:01:33 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/11xxx/CVE-2020-11937.json | 7 ++- 2020/12xxx/CVE-2020-12135.json | 5 ++ 2020/15xxx/CVE-2020-15137.json | 2 +- 2020/15xxx/CVE-2020-15570.json | 5 ++ 2020/17xxx/CVE-2020-17499.json | 18 ++++++ 2020/17xxx/CVE-2020-17500.json | 18 ++++++ 2020/17xxx/CVE-2020-17501.json | 18 ++++++ 2020/17xxx/CVE-2020-17502.json | 18 ++++++ 2020/17xxx/CVE-2020-17503.json | 18 ++++++ 2020/17xxx/CVE-2020-17504.json | 18 ++++++ 2020/17xxx/CVE-2020-17505.json | 62 +++++++++++++++++++ 2020/17xxx/CVE-2020-17506.json | 62 +++++++++++++++++++ 2020/5xxx/CVE-2020-5415.json | 4 +- 2020/6xxx/CVE-2020-6653.json | 105 +++++++++++++++++++++++++++++++-- 14 files changed, 350 insertions(+), 10 deletions(-) create mode 100644 2020/17xxx/CVE-2020-17499.json create mode 100644 2020/17xxx/CVE-2020-17500.json create mode 100644 2020/17xxx/CVE-2020-17501.json create mode 100644 2020/17xxx/CVE-2020-17502.json create mode 100644 2020/17xxx/CVE-2020-17503.json create mode 100644 2020/17xxx/CVE-2020-17504.json create mode 100644 2020/17xxx/CVE-2020-17505.json create mode 100644 2020/17xxx/CVE-2020-17506.json diff --git a/2020/11xxx/CVE-2020-11937.json b/2020/11xxx/CVE-2020-11937.json index 1aa4aea6862..1bf20c83ec9 100644 --- a/2020/11xxx/CVE-2020-11937.json +++ b/2020/11xxx/CVE-2020-11937.json @@ -111,6 +111,11 @@ "name": "https://github.com/sungjungk/whoopsie_killer", "refsource": "CONFIRM", "url": "https://github.com/sungjungk/whoopsie_killer" + }, + { + "refsource": "UBUNTU", + "name": "USN-4450-1", + "url": "https://usn.ubuntu.com/4450-1/" } ] }, @@ -123,4 +128,4 @@ "discovery": "EXTERNAL" }, "work_around": [] -} +} \ No newline at end of file diff --git a/2020/12xxx/CVE-2020-12135.json b/2020/12xxx/CVE-2020-12135.json index 32dd5fd11dd..683b43bad36 100644 --- a/2020/12xxx/CVE-2020-12135.json +++ b/2020/12xxx/CVE-2020-12135.json @@ -66,6 +66,11 @@ "url": "https://github.com/10gen-archive/mongo-c-driver-legacy/commit/1a1f5e26a4309480d88598913f9eebf9e9cba8ca#diff-f7d29a680148f52d6601f59ed787f577", "refsource": "MISC", "name": "https://github.com/10gen-archive/mongo-c-driver-legacy/commit/1a1f5e26a4309480d88598913f9eebf9e9cba8ca#diff-f7d29a680148f52d6601f59ed787f577" + }, + { + "refsource": "UBUNTU", + "name": "USN-4450-1", + "url": "https://usn.ubuntu.com/4450-1/" } ] } diff --git a/2020/15xxx/CVE-2020-15137.json b/2020/15xxx/CVE-2020-15137.json index bdcfcdeaec5..5cc14730c42 100644 --- a/2020/15xxx/CVE-2020-15137.json +++ b/2020/15xxx/CVE-2020-15137.json @@ -35,7 +35,7 @@ "description_data": [ { "lang": "eng", - "value": "All versions of HoRNDIS are affected by an integer overflow in the RNDIS packet parsing routines. A malicious USB device can trigger disclosure of unrelated kernel memory to userspace applications on the host, or can cause the kernel to crash. Kernel memory disclosure is especially likely on 32-bit kernels; 64-bit kernels are more likely to crash on attempted exploitation. It is not believed that kernel memory corruption is possible, or that unattended kernel memory disclosure without the collaboration of a userspace program running on the host is possible.\n\nThe vulnerability is in `HoRNDIS::receivePacket`. `msg_len`, `data_ofs`, and `data_len` can be controlled by an attached USB device, and a negative value of `data_ofs` can bypass the check for `(data_ofs + data_len + 8) > msg_len`, and subsequently can cause a wild pointer copy in the `mbuf_copyback` call. \n\nThe software is not maintained and no patches are planned. Users of multi-tenant systems with HoRNDIS installed should only connect trusted USB devices to their system." + "value": "All versions of HoRNDIS are affected by an integer overflow in the RNDIS packet parsing routines. A malicious USB device can trigger disclosure of unrelated kernel memory to userspace applications on the host, or can cause the kernel to crash. Kernel memory disclosure is especially likely on 32-bit kernels; 64-bit kernels are more likely to crash on attempted exploitation. It is not believed that kernel memory corruption is possible, or that unattended kernel memory disclosure without the collaboration of a userspace program running on the host is possible. The vulnerability is in `HoRNDIS::receivePacket`. `msg_len`, `data_ofs`, and `data_len` can be controlled by an attached USB device, and a negative value of `data_ofs` can bypass the check for `(data_ofs + data_len + 8) > msg_len`, and subsequently can cause a wild pointer copy in the `mbuf_copyback` call. The software is not maintained and no patches are planned. Users of multi-tenant systems with HoRNDIS installed should only connect trusted USB devices to their system." } ] }, diff --git a/2020/15xxx/CVE-2020-15570.json b/2020/15xxx/CVE-2020-15570.json index 2636e195542..64c1108a3f4 100644 --- a/2020/15xxx/CVE-2020-15570.json +++ b/2020/15xxx/CVE-2020-15570.json @@ -71,6 +71,11 @@ "url": "https://launchpad.net/ubuntu/+source/whoopsie", "refsource": "MISC", "name": "https://launchpad.net/ubuntu/+source/whoopsie" + }, + { + "refsource": "UBUNTU", + "name": "USN-4450-1", + "url": "https://usn.ubuntu.com/4450-1/" } ] } diff --git a/2020/17xxx/CVE-2020-17499.json b/2020/17xxx/CVE-2020-17499.json new file mode 100644 index 00000000000..74e3d62124a --- /dev/null +++ b/2020/17xxx/CVE-2020-17499.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-17499", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17500.json b/2020/17xxx/CVE-2020-17500.json new file mode 100644 index 00000000000..4245fc69036 --- /dev/null +++ b/2020/17xxx/CVE-2020-17500.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-17500", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17501.json b/2020/17xxx/CVE-2020-17501.json new file mode 100644 index 00000000000..757135fdc4f --- /dev/null +++ b/2020/17xxx/CVE-2020-17501.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-17501", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17502.json b/2020/17xxx/CVE-2020-17502.json new file mode 100644 index 00000000000..33b4eb2463c --- /dev/null +++ b/2020/17xxx/CVE-2020-17502.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-17502", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17503.json b/2020/17xxx/CVE-2020-17503.json new file mode 100644 index 00000000000..3325ffd74a2 --- /dev/null +++ b/2020/17xxx/CVE-2020-17503.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-17503", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17504.json b/2020/17xxx/CVE-2020-17504.json new file mode 100644 index 00000000000..2fb7a8d3074 --- /dev/null +++ b/2020/17xxx/CVE-2020-17504.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-17504", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17505.json b/2020/17xxx/CVE-2020-17505.json new file mode 100644 index 00000000000..965c51bba78 --- /dev/null +++ b/2020/17xxx/CVE-2020-17505.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-17505", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the service-cmds parameter in cyrus.php. These commands are executed with root privileges via service_cmds_peform." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://blog.max0x4141.com/post/artica_proxy/", + "refsource": "MISC", + "name": "https://blog.max0x4141.com/post/artica_proxy/" + } + ] + } +} \ No newline at end of file diff --git a/2020/17xxx/CVE-2020-17506.json b/2020/17xxx/CVE-2020-17506.json new file mode 100644 index 00000000000..09676017783 --- /dev/null +++ b/2020/17xxx/CVE-2020-17506.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-17506", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Artica Web Proxy 4.30.00000000 allows remote attacker to bypass privilege detection and gain web backend administrator privileges through SQL injection of the apikey parameter in fw.login.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://blog.max0x4141.com/post/artica_proxy/", + "refsource": "MISC", + "name": "https://blog.max0x4141.com/post/artica_proxy/" + } + ] + } +} \ No newline at end of file diff --git a/2020/5xxx/CVE-2020-5415.json b/2020/5xxx/CVE-2020-5415.json index a12006d7a8e..95efec6f658 100644 --- a/2020/5xxx/CVE-2020-5415.json +++ b/2020/5xxx/CVE-2020-5415.json @@ -46,7 +46,7 @@ "description_data": [ { "lang": "eng", - "value": "Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team.\n\nGitLab groups do not have this vulnerability, so GitLab users may be moved into groups which are then configured in the Concourse team." + "value": "Concourse, versions prior to 6.3.1 and 6.4.1, in installations which use the GitLab auth connector, is vulnerable to identity spoofing by way of configuring a GitLab account with the same full name as another user who is granted access to a Concourse team. GitLab groups do not have this vulnerability, so GitLab users may be moved into groups which are then configured in the Concourse team." } ] }, @@ -92,4 +92,4 @@ "version": "3.0" } } -} +} \ No newline at end of file diff --git a/2020/6xxx/CVE-2020-6653.json b/2020/6xxx/CVE-2020-6653.json index c72953db781..dcab741c08b 100644 --- a/2020/6xxx/CVE-2020-6653.json +++ b/2020/6xxx/CVE-2020-6653.json @@ -1,18 +1,111 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "CybersecurityCOE@eaton.com", + "DATE_PUBLIC": "2020-08-05T05:49:00.000Z", "ID": "CVE-2020-6653", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Sensitive date stored in logcat file" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Secure Connect Mobile App", + "version": { + "version_data": [ + { + "version_affected": "<=", + "version_value": "1.7.3" + } + ] + } + } + ] + }, + "vendor_name": "Eaton" + } + ] + } + }, + "credit": [ + { + "lang": "eng", + "value": "Eaton would like to thank Vishal Bharad for working with Eaton and helping Eaton in releasing more robust and secure products. " + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Eaton's Secure connect mobile app v1.7.3 & prior stores the user login credentials in logcat file when user create or register the account on the Mobile app. A malicious app or unauthorized user can harvest the information and later on can use the information to monitor and control the user's account and associated devices." } ] + }, + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "PHYSICAL", + "availabilityImpact": "NONE", + "baseScore": 3.8, + "baseSeverity": "LOW", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:P/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200 Information Exposure" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "CWE-532 Information Exposure Through Log Files" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "url": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-vulnerability-advisory-secure-connect-mobile-app.pdf", + "name": "https://www.eaton.com/content/dam/eaton/company/news-insights/cybersecurity/security-bulletins/Eaton-vulnerability-advisory-secure-connect-mobile-app.pdf" + } + ] + }, + "solution": [ + { + "lang": "eng", + "value": "Eaton has release a new version of the app v1.7.4. User's are recommended to update their apps. " + } + ], + "source": { + "advisory": "ETN-VA-2020-1005", + "defect": [ + "ETN-VA-2020-1005" + ], + "discovery": "EXTERNAL" } } \ No newline at end of file