admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-07-22 21:01:35 +00:00
parent 4e384c7905
commit 1c2de37be3
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
12 changed files with 718 additions and 646 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2020/15xxx/CVE-2020-15897.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15897",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/15xxx/CVE-2020-15898.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15898",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/15xxx/CVE-2020-15899.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15899",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/15xxx/CVE-2020-15900.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-15900",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

28
2020/3xxx/CVE-2020-3452.json
View File

@ -17,28 +17,28 @@
"version": {
"version_data": [
{
"version_affected": "<",
"version_value": "9.6.4.42"
"version_affected": "<",
"version_value": "9.6.4.42"
},
{
"version_affected": "<",
"version_value": "9.8.4.20"
"version_affected": "<",
"version_value": "9.8.4.20"
},
{
"version_affected": "<",
"version_value": "9.9.2.74"
"version_affected": "<",
"version_value": "9.9.2.74"
},
{
"version_affected": "<",
"version_value": "9.10.1.42"
"version_affected": "<",
"version_value": "9.10.1.42"
},
{
"version_affected": "<",
"version_value": "9.13.1.10"
"version_affected": "<",
"version_value": "9.13.1.10"
},
{
"version_affected": "<",
"version_value": "9.14.1.10"
"version_affected": "<",
"version_value": "9.14.1.10"
}
]
}
@ -57,7 +57,7 @@
"description_data": [
{
"lang": "eng",
"value": " A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files. "
"value": "A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct directory traversal attacks and read sensitive files on a targeted system. The vulnerability is due to a lack of proper input validation of URLs in HTTP requests processed by an affected device. An attacker could exploit this vulnerability by sending a crafted HTTP request containing directory traversal character sequences to an affected device. A successful exploit could allow the attacker to view arbitrary files within the web services file system on the targeted device. The web services file system is enabled when the affected device is configured with either WebVPN or AnyConnect features. This vulnerability cannot be used to obtain access to ASA or FTD system files or underlying operating system (OS) files."
}
]
},
@ -104,4 +104,4 @@
],
"discovery": "INTERNAL"
}
}
}

180
2020/4xxx/CVE-2020-4369.json
View File

@ -1,93 +1,93 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"AC" : "H",
"UI" : "N",
"S" : "U",
"I" : "N",
"C" : "H",
"PR" : "N",
"SCORE" : "5.100",
"AV" : "L",
"A" : "N"
}
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6251285",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6251285",
"title" : "IBM Security Bulletin 6251285 (Verify Gateway (IVG))"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-ivg-cve20204369-info-disc (179004)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179004",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Verify Gateway (IVG)",
"version" : {
"version_data" : [
{
"version_value" : "1.0.0"
},
{
"version_value" : "1.0.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores highly sensitive information in cleartext that could be obtained by a user. IBM X-Force ID: 179004.",
"lang" : "eng"
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-07-21T00:00:00",
"ID" : "CVE-2020-4369",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_format" : "MITRE"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
},
"BM": {
"AC": "H",
"UI": "N",
"S": "U",
"I": "N",
"C": "H",
"PR": "N",
"SCORE": "5.100",
"AV": "L",
"A": "N"
}
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6251285",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6251285",
"title": "IBM Security Bulletin 6251285 (Verify Gateway (IVG))"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-ivg-cve20204369-info-disc (179004)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179004",
"refsource": "XF"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Verify Gateway (IVG)",
"version": {
"version_data": [
{
"version_value": "1.0.0"
},
{
"version_value": "1.0.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"description": {
"description_data": [
{
"value": "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores highly sensitive information in cleartext that could be obtained by a user. IBM X-Force ID: 179004.",
"lang": "eng"
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-07-21T00:00:00",
"ID": "CVE-2020-4369",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_format": "MITRE"
}

182
2020/4xxx/CVE-2020-4371.json
View File

@ -1,93 +1,93 @@
{
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Verify Gateway (IVG)",
"version" : {
"version_data" : [
{
"version_value" : "1.0.0"
},
{
"version_value" : "1.0.1"
}
]
}
}
]
}
}
]
}
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6251287",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6251287",
"title" : "IBM Security Bulletin 6251287 (Verify Gateway (IVG))"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179008",
"refsource" : "XF",
"name" : "ibm-ivg-cve20204371-info-disc (179008)"
}
]
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive information in leftover debug code that could be used aid a local user in further attacks against the system. IBM X-Force ID: 179008."
}
]
},
"data_type" : "CVE",
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"AC" : "L",
"UI" : "N",
"S" : "U",
"I" : "N",
"C" : "L",
"SCORE" : "4.000",
"PR" : "N",
"AV" : "L",
"A" : "N"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Verify Gateway (IVG)",
"version": {
"version_data": [
{
"version_value": "1.0.0"
},
{
"version_value": "1.0.1"
}
]
}
}
]
}
}
]
}
]
},
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-07-21T00:00:00",
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4371"
},
"data_format" : "MITRE"
}
}
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6251287",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6251287",
"title": "IBM Security Bulletin 6251287 (Verify Gateway (IVG))"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179008",
"refsource": "XF",
"name": "ibm-ivg-cve20204371-info-disc (179008)"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains sensitive information in leftover debug code that could be used aid a local user in further attacks against the system. IBM X-Force ID: 179008."
}
]
},
"data_type": "CVE",
"data_version": "4.0",
"impact": {
"cvssv3": {
"BM": {
"AC": "L",
"UI": "N",
"S": "U",
"I": "N",
"C": "L",
"SCORE": "4.000",
"PR": "N",
"AV": "L",
"A": "N"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"CVE_data_meta": {
"DATE_PUBLIC": "2020-07-21T00:00:00",
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4371"
},
"data_format": "MITRE"
}

180
2020/4xxx/CVE-2020-4372.json
View File

@ -1,93 +1,93 @@
{
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-07-21T00:00:00",
"ID" : "CVE-2020-4372",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_version" : "4.0",
"impact" : {
"cvssv3" : {
"BM" : {
"C" : "H",
"I" : "N",
"S" : "U",
"UI" : "N",
"AC" : "L",
"A" : "N",
"AV" : "L",
"SCORE" : "6.200",
"PR" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 179009",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Verify Gateway (IVG)",
"version" : {
"version_data" : [
{
"version_value" : "1.0.0"
},
{
"version_value" : "1.0.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"data_format": "MITRE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-07-21T00:00:00",
"ID": "CVE-2020-4372",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_version": "4.0",
"impact": {
"cvssv3": {
"BM": {
"C": "H",
"I": "N",
"S": "U",
"UI": "N",
"AC": "L",
"A": "N",
"AV": "L",
"SCORE": "6.200",
"PR": "N"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
]
}
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6251289",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6251289",
"title" : "IBM Security Bulletin 6251289 (Verify Gateway (IVG))"
},
{
"refsource" : "XF",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179009",
"name" : "ibm-ivg-cve20204372-info-disc (179009)",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
}
},
"description": {
"description_data": [
{
"value": "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 stores user credentials in plain in clear text which can be read by a local user. IBM X-Force ID: 179009",
"lang": "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Verify Gateway (IVG)",
"version": {
"version_data": [
{
"version_value": "1.0.0"
},
{
"version_value": "1.0.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
}
}
}
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6251289",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6251289",
"title": "IBM Security Bulletin 6251289 (Verify Gateway (IVG))"
},
{
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179009",
"name": "ibm-ivg-cve20204372-info-disc (179009)",
"title": "X-Force Vulnerability Report"
}
]
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
}

182
2020/4xxx/CVE-2020-4385.json
View File

@ -1,93 +1,93 @@
{
"data_format" : "MITRE",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-07-21T00:00:00",
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4385",
"ASSIGNER" : "psirt@us.ibm.com"
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Verify Gateway (IVG)",
"version" : {
"version_data" : [
{
"version_value" : "1.0.0"
},
{
"version_value" : "1.0.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 179266.",
"lang" : "eng"
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6251291 (Verify Gateway (IVG))",
"name" : "https://www.ibm.com/support/pages/node/6251291",
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6251291"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179266",
"refsource" : "XF",
"name" : "ibm-ivg-cve20204385-info-disc (179266)",
"title" : "X-Force Vulnerability Report"
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"UI" : "N",
"AC" : "H",
"C" : "H",
"I" : "N",
"S" : "C",
"SCORE" : "6.800",
"PR" : "N",
"A" : "N",
"AV" : "N"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"data_version" : "4.0",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
"data_format": "MITRE",
"CVE_data_meta": {
"DATE_PUBLIC": "2020-07-21T00:00:00",
"STATE": "PUBLIC",
"ID": "CVE-2020-4385",
"ASSIGNER": "psirt@us.ibm.com"
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Verify Gateway (IVG)",
"version": {
"version_data": [
{
"version_value": "1.0.0"
},
{
"version_value": "1.0.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
}
}
}
},
"description": {
"description_data": [
{
"value": "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 179266.",
"lang": "eng"
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6251291 (Verify Gateway (IVG))",
"name": "https://www.ibm.com/support/pages/node/6251291",
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6251291"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179266",
"refsource": "XF",
"name": "ibm-ivg-cve20204385-info-disc (179266)",
"title": "X-Force Vulnerability Report"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"UI": "N",
"AC": "H",
"C": "H",
"I": "N",
"S": "C",
"SCORE": "6.800",
"PR": "N",
"A": "N",
"AV": "N"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"data_version": "4.0",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
}
}

180
2020/4xxx/CVE-2020-4397.json
View File

@ -1,93 +1,93 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6251321 (Verify Gateway (IVG))",
"name" : "https://www.ibm.com/support/pages/node/6251321",
"url" : "https://www.ibm.com/support/pages/node/6251321",
"refsource" : "CONFIRM"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-ivg-cve20204397-info-disc (179428)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179428",
"refsource" : "XF"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Verify Gateway (IVG)",
"version" : {
"version_data" : [
{
"version_value" : "1.0.0"
},
{
"version_value" : "1.0.1"
}
]
}
}
]
}
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 transmits sensitive information in plain text which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 179428.",
"lang" : "eng"
}
]
},
"data_type" : "CVE",
"impact" : {
"cvssv3" : {
"BM" : {
"SCORE" : "6.800",
"PR" : "N",
"AV" : "N",
"A" : "N",
"AC" : "H",
"UI" : "N",
"I" : "N",
"S" : "C",
"C" : "H"
},
"TM" : {
"E" : "U",
"RL" : "O",
"RC" : "C"
}
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4397",
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-07-21T00:00:00"
},
"data_format" : "MITRE"
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6251321 (Verify Gateway (IVG))",
"name": "https://www.ibm.com/support/pages/node/6251321",
"url": "https://www.ibm.com/support/pages/node/6251321",
"refsource": "CONFIRM"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-ivg-cve20204397-info-disc (179428)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179428",
"refsource": "XF"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Verify Gateway (IVG)",
"version": {
"version_data": [
{
"version_value": "1.0.0"
},
{
"version_value": "1.0.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"value": "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 transmits sensitive information in plain text which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 179428.",
"lang": "eng"
}
]
},
"data_type": "CVE",
"impact": {
"cvssv3": {
"BM": {
"SCORE": "6.800",
"PR": "N",
"AV": "N",
"A": "N",
"AC": "H",
"UI": "N",
"I": "N",
"S": "C",
"C": "H"
},
"TM": {
"E": "U",
"RL": "O",
"RC": "C"
}
}
},
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4397",
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-07-21T00:00:00"
},
"data_format": "MITRE"
}

180
2020/4xxx/CVE-2020-4399.json
View File

@ -1,93 +1,93 @@
{
"data_format" : "MITRE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-07-21T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4399"
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Denial of Service",
"lang" : "eng"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"A" : "H",
"AV" : "N",
"PR" : "L",
"SCORE" : "6.500",
"C" : "N",
"I" : "N",
"S" : "U",
"UI" : "N",
"AC" : "L"
},
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
}
}
},
"data_version" : "4.0",
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6251323",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6251323",
"title" : "IBM Security Bulletin 6251323 (Verify Gateway (IVG))"
},
{
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179476",
"refsource" : "XF",
"name" : "ibm-ivg-cve20204399-dos (179476)"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_format": "MITRE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-07-21T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4399"
},
"problemtype": {
"problemtype_data": [
{
"product" : {
"product_data" : [
{
"product_name" : "Verify Gateway (IVG)",
"version" : {
"version_data" : [
{
"version_value" : "1.0.0"
},
{
"version_value" : "1.0.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"description": [
{
"value": "Denial of Service",
"lang": "eng"
}
]
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 could allow an authenticated user to send malformed requests to cause a denial of service against the server. IBM X-Force ID: 179476."
}
]
},
"data_type" : "CVE"
}
]
},
"impact": {
"cvssv3": {
"BM": {
"A": "H",
"AV": "N",
"PR": "L",
"SCORE": "6.500",
"C": "N",
"I": "N",
"S": "U",
"UI": "N",
"AC": "L"
},
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
}
}
},
"data_version": "4.0",
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6251323",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6251323",
"title": "IBM Security Bulletin 6251323 (Verify Gateway (IVG))"
},
{
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179476",
"refsource": "XF",
"name": "ibm-ivg-cve20204399-dos (179476)"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Verify Gateway (IVG)",
"version": {
"version_data": [
{
"version_value": "1.0.0"
},
{
"version_value": "1.0.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 could allow an authenticated user to send malformed requests to cause a denial of service against the server. IBM X-Force ID: 179476."
}
]
},
"data_type": "CVE"
}

180
2020/4xxx/CVE-2020-4400.json
View File

@ -1,93 +1,93 @@
{
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"problemtype": {
"problemtype_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "1.0.0"
},
{
"version_value" : "1.0.1"
}
]
},
"product_name" : "Verify Gateway (IVG)"
}
]
}
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
}
},
"data_type" : "CVE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 179478."
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"url" : "https://www.ibm.com/support/pages/node/6251279",
"name" : "https://www.ibm.com/support/pages/node/6251279",
"title" : "IBM Security Bulletin 6251279 (Verify Gateway (IVG))"
},
{
"title" : "X-Force Vulnerability Report",
"name" : "ibm-ivg-cve20204400-info-disc (179478)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/179478",
"refsource" : "XF"
}
]
},
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"AC" : "L",
"UI" : "N",
"I" : "N",
"S" : "U",
"C" : "H",
"SCORE" : "7.500",
"PR" : "N",
"AV" : "N",
"A" : "N"
}
}
},
"data_version" : "4.0",
"data_format" : "MITRE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4400",
"DATE_PUBLIC" : "2020-07-21T00:00:00",
"STATE" : "PUBLIC"
}
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "1.0.0"
},
{
"version_value": "1.0.1"
}
]
},
"product_name": "Verify Gateway (IVG)"
}
]
}
}
]
}
},
"data_type": "CVE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 179478."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.ibm.com/support/pages/node/6251279",
"name": "https://www.ibm.com/support/pages/node/6251279",
"title": "IBM Security Bulletin 6251279 (Verify Gateway (IVG))"
},
{
"title": "X-Force Vulnerability Report",
"name": "ibm-ivg-cve20204400-info-disc (179478)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/179478",
"refsource": "XF"
}
]
},
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"AC": "L",
"UI": "N",
"I": "N",
"S": "U",
"C": "H",
"SCORE": "7.500",
"PR": "N",
"AV": "N",
"A": "N"
}
}
},
"data_version": "4.0",
"data_format": "MITRE",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4400",
"DATE_PUBLIC": "2020-07-21T00:00:00",
"STATE": "PUBLIC"
}
}