From 1c3bf487f24c48f3068439733de822f5aeb573bf Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 18 Nov 2020 23:01:39 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2019/11xxx/CVE-2019-11840.json | 5 +++ 2020/12xxx/CVE-2020-12593.json | 50 ++++++++++++++++++++-- 2020/1xxx/CVE-2020-1472.json | 5 +++ 2020/1xxx/CVE-2020-1870.json | 76 +++++++++++++++++++++++++++++----- 2020/9xxx/CVE-2020-9283.json | 5 +++ 5 files changed, 128 insertions(+), 13 deletions(-) diff --git a/2019/11xxx/CVE-2019-11840.json b/2019/11xxx/CVE-2019-11840.json index 39fe5101c77..004279a12b1 100644 --- a/2019/11xxx/CVE-2019-11840.json +++ b/2019/11xxx/CVE-2019-11840.json @@ -86,6 +86,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20201109 [SECURITY] [DLA 2442-1] obfs4proxy security update", "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00016.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20201118 [SECURITY] [DLA 2454-1] rclone security update", + "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00030.html" } ] } diff --git a/2020/12xxx/CVE-2020-12593.json b/2020/12xxx/CVE-2020-12593.json index d0cae3d3c70..793abf42981 100644 --- a/2020/12xxx/CVE-2020-12593.json +++ b/2020/12xxx/CVE-2020-12593.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-12593", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "secure@symantec.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Symantec Endpoint Detection & Response (SEDR)", + "version": { + "version_data": [ + { + "version_value": "Prior to 4.5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Endpoint-Detection-Response-Security-Update/SYMSA16562", + "url": "https://support.broadcom.com/security-advisory/content/security-advisories/Symantec-Endpoint-Detection-Response-Security-Update/SYMSA16562" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Symantec Endpoint Detection & Response, prior to 4.5, may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data." } ] } diff --git a/2020/1xxx/CVE-2020-1472.json b/2020/1xxx/CVE-2020-1472.json index 5b7b38fc55e..b5c9b29cb92 100644 --- a/2020/1xxx/CVE-2020-1472.json +++ b/2020/1xxx/CVE-2020-1472.json @@ -236,6 +236,11 @@ "refsource": "UBUNTU", "name": "USN-4559-1", "url": "https://usn.ubuntu.com/4559-1/" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html", + "url": "http://packetstormsecurity.com/files/160127/Zerologon-Netlogon-Privilege-Escalation.html" } ] } diff --git a/2020/1xxx/CVE-2020-1870.json b/2020/1xxx/CVE-2020-1870.json index 838a23a5f51..35ed54763bd 100644 --- a/2020/1xxx/CVE-2020-1870.json +++ b/2020/1xxx/CVE-2020-1870.json @@ -19,16 +19,17 @@ "version": { "version_data": [ { - "version_value": "V200R019C00" - }, + "version_value": "V200R019C00SPC800" + } + ] + } + }, + { + "product_name": "CloudEngine 5800", + "version": { + "version_data": [ { - "version_value": "V200R019C10SPC800" - }, - { - "version_value": "V200R019C00SPC600" - }, - { - "version_value": "V200R019C10" + "version_value": "V200R019C00SPC800" } ] } @@ -37,11 +38,66 @@ "product_name": "CloudEngine 6800", "version": { "version_data": [ + { + "version_value": "V200R005C20SPC800" + }, { "version_value": "V200R019C00SPC800" } ] } + }, + { + "product_name": "CloudEngine 7800", + "version": { + "version_data": [ + { + "version_value": "V200R019C00SPC800" + } + ] + } + }, + { + "product_name": "NE40E", + "version": { + "version_data": [ + { + "version_value": "V800R011C00SPC200" + }, + { + "version_value": "V800R011C00SPC300" + }, + { + "version_value": "V800R011C10SPC100" + } + ] + } + }, + { + "product_name": "NE40E-F", + "version": { + "version_data": [ + { + "version_value": "V800R011C00SPC200" + }, + { + "version_value": "V800R011C10SPC100" + } + ] + } + }, + { + "product_name": "NE40E-M", + "version": { + "version_data": [ + { + "version_value": "V800R011C00SPC200" + }, + { + "version_value": "V800R011C10SPC100" + } + ] + } } ] } @@ -74,7 +130,7 @@ "description_data": [ { "lang": "eng", - "value": "CloudEngine 12800 products with versions of V200R019C00, V200R019C10SPC800, V200R019C00SPC600, V200R019C10; and CloudEngine 6800 products with versions of V200R019C00SPC800 have a denial of service vulnerability. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service." + "value": "There is a denial of service vulnerability in some Huawei products. Due to improper memory management, memory leakage may occur in some special cases. Attackers can perform a series of operations to exploit this vulnerability. Successful exploit may cause a denial of service. Affected product versions include: CloudEngine 12800 versions V200R019C00SPC800; CloudEngine 5800 versions V200R019C00SPC800; CloudEngine 6800 versions V200R005C20SPC800, V200R019C00SPC800; CloudEngine 7800 versions V200R019C00SPC800; NE40E versions V800R011C00SPC200, V800R011C00SPC300, V800R011C10SPC100; NE40E-F versions V800R011C00SPC200, V800R011C10SPC100; NE40E-M versions V800R011C00SPC200, V800R011C10SPC100." } ] } diff --git a/2020/9xxx/CVE-2020-9283.json b/2020/9xxx/CVE-2020-9283.json index c03162020c6..362c2491dfa 100644 --- a/2020/9xxx/CVE-2020-9283.json +++ b/2020/9xxx/CVE-2020-9283.json @@ -71,6 +71,11 @@ "refsource": "MLIST", "name": "[debian-lts-announce] 20201116 [SECURITY] [DLA 2453-1] restic security update", "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00027.html" + }, + { + "refsource": "MLIST", + "name": "[debian-lts-announce] 20201118 [SECURITY] [DLA 2455-1] packer security update", + "url": "https://lists.debian.org/debian-lts-announce/2020/11/msg00031.html" } ] }