admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-02-28 23:01:11 +00:00
parent 42d06317ae
commit 1cd44b512d
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 376 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

90
2015/3xxx/CVE-2015-3006.json
View File

@ -1,8 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2015-04-08T16:00:00.000Z",
"ID": "CVE-2015-3006",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos: QFX Series: Insufficient entropy on QFX3500 and QFX3600 platforms when the system boots up"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +36,67 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "On the QFX3500 and QFX3600 platforms, the number of bytes collected from the RANDOM_INTERRUPT entropy source when the device boots up is insufficient, possibly leading to weak or duplicate SSH keys or self-signed SSL/TLS certificates. Entropy increases after the system has been up and running for some time, but immediately after boot, the entropy is very low. This issue only affects the QFX3500 and QFX3600 switches. No other Juniper Networks products or platforms are affected by this weak entropy vulnerability."
}
]
}
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10678",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10678"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The following software releases have been updated to resolve this specific issue: Junos OS 12.2X50-D70 13.1X50-D30 13.2X51-D25 13.2X51-D30 13.2X52-D15 14.1X53-D10, and all subsequent releases. It is recommended to regenerate SSH keys or self signed certificates."
}
],
"source": {
"advisory": "JSA10678",
"defect": [
"1000779"
],
"discovery": "INTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "Avoid generating SSH keys or self-signed SSL certificates on the affected platforms until the system has been up and running for some time, allowing additional sources of randomness to generate sufficient entropy."
}
]
}

94
2015/5xxx/CVE-2015-5361.json
View File

@ -1,8 +1,33 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"DATE_PUBLIC": "2015-10-14T16:00:00.000Z",
"ID": "CVE-2015-5361",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Junos: FTPS through SRX opens up wide range of data channel TCP ports"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,8 +36,71 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Background For regular, unencrypted FTP traffic, the FTP ALG can inspect the unencrypted control channel and open related sessions for the FTP data channel. These related sessions (gates) are specific to source and destination IPs and ports of client and server. The design intent of the ftps-extensions option (which is disabled by default) is to provide similar functionality when the SRX secures the FTP/FTPS client. As the control channel is encrypted, the FTP ALG cannot inspect the port specific information and will open a wider TCP data channel (gate) from client IP to server IP on all destination TCP ports. In FTP/FTPS client environments to an enterprise network or the Internet, this is the desired behavior as it allows firewall policy to be written to FTP/FTPS servers on well-known control ports without using a policy with destination IP ANY and destination port ANY. Issue The ftps-extensions option is not intended or recommended where the SRX secures the FTPS server, as the wide data channel session (gate) will allow the FTPS client temporary access to all TCP ports on the FTPS server. The data session is associated to the control channel and will be closed when the control channel session closes. Depending on the configuration of the FTPS server, supporting load-balancer, and SRX inactivity-timeout values, the server/load-balancer and SRX may keep the control channel open for an extended period of time, allowing an FTPS client access for an equal duration.\u200b Note that the ftps-extensions option is not enabled by default."
}
]
}
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://kb.juniper.net/JSA10706",
"refsource": "CONFIRM",
"url": "https://kb.juniper.net/JSA10706"
}
]
},
"solution": [
{
"lang": "eng",
"value": "The overall behavior of the FTP ALG with the ftps-extensions option is intended behavior and will not change. The key component to this advisory is increasing user awareness of the wide TCP data channel (gate) creation, allowing creation of any new sessions from client to server, and potential implications where the SRX protects the FTPS server and the server/load-balancer allows the control channel to remain open for an extended period.\n\nInvestigation into the issue identified two issues applicable to environments where the SRX protects both FTPS clients and servers, as well as uses FTP and FTPS over the same TCP ports to different servers.\n\n\u200bDue to the recent changes of OpenSSL, the FTP ALG without the ftps-extensions option may block FTPS commands over the FTP control channel. This is client and server specific, and was observed with FTPS clients that use recent versions of OpenSSL. This may result in security administrators enabling the ftps-extensions option with the intent of allowing the commands to pass, but inadvertently allowing wide gate creation. This was observed in a configuration with simultaneous FTPS client/server use, with use of the same ports for FTP and FTPS traffic.\n\nThe ftps-extension option is not supported when the SRX performs a destination NAT of the FTPS server, as the ALG cannot inspect the control channel to modify the server\u2019s IP address signaled to the client. In an environment of simultaneous FTP and FTPS server use with the ftps-extensions option enabled, the gate is created but is generally unusable by the FTPS client. However, an FTPS client with knowledge of the server\u2019s real IP address, its NAT\u2019d IP address, and routing reachability to the server\u2019s real IP address may be able to use the wide gate to reach the FTPS server.\nThe software releases listed below resolves these issues as follows:\n\nThe FTP ALG without the ftps-extensions option will allow FTPS related commands to pass over the FTP control channel. As the ftps-extension option is not enabled, the wide TCP data channel is not created.\n\nIf the FTPS server is NAT\u2019d by the SRX (destination or static NAT), the wide TCP data channel is not created.\n"
},
{
"lang": "eng",
"value": "The following software releases have been updated to resolve these specific issues: Junos OS 12.1X44-D55, 12.1X46-D40, 12.1X47-D25, 12.3X48-D15, 15.1X49-D10, and all subsequent releases."
}
],
"source": {
"advisory": "JSA10706",
"defect": [
"1067419"
],
"discovery": "USER"
},
"work_around": [
{
"lang": "eng",
"value": "Do not enable the 'ftps-extensions' option if FTPS is not needed.\u200b The 'ftps-extensions' option is disabled by default.\u200b"
}
]
}

2
2016/11xxx/CVE-2016-11020.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS."
"value": "Kunena before 5.0.4 does not restrict avatar file extensions to gif, jpeg, jpg, and png. This can lead to XSS and remote code execution."
}
]
},

5
2019/15xxx/CVE-2019-15126.json
View File

@ -86,6 +86,11 @@
"refsource": "CONFIRM",
"name": "https://www.mist.com/documentation/mist-security-advisory-kr00k-attack-faq/",
"url": "https://www.mist.com/documentation/mist-security-advisory-kr00k-attack-faq/"
},
{
"refsource": "CONFIRM",
"name": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt",
"url": "http://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-003.txt"
}
]
}

100
2020/6xxx/CVE-2020-6803.json
View File

@ -4,15 +4,107 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6803",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC",
"TITLE": "Open redirect in Mozilla WebThings Gateway"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebThings Gateway",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "0.3.0",
"version_value": "0.3.0"
},
{
"version_affected": "<",
"version_name": "0.12.0",
"version_value": "0.12.0"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Panagiotis"
}
],
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An open redirect is present on the gateway's login page, which could cause a user to be redirected to a malicious site after logging in."
}
]
}
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-601 URL Redirection to Untrusted Site ('Open Redirect')"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://github.com/mozilla-iot/gateway/pull/2446",
"name": "https://github.com/mozilla-iot/gateway/pull/2446"
}
]
},
"solution": [
{
"lang": "eng",
"value": "https://github.com/mozilla-iot/gateway/pull/2446"
}
],
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "* Never share your gateway address publicly.\n* Never click on links which take you to your gateway, especially to the login page."
}
]
}

100
2020/6xxx/CVE-2020-6804.json
View File

@ -4,15 +4,107 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-6804",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC",
"TITLE": "XSS in Mozilla WebThings Gateway"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebThings Gateway",
"version": {
"version_data": [
{
"version_affected": ">=",
"version_name": "0.3.0",
"version_value": "0.3.0"
},
{
"version_affected": "<",
"version_name": "0.12.0",
"version_value": "0.12.0"
}
]
}
}
]
},
"vendor_name": "Mozilla"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Panagiotis"
}
],
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A reflected XSS vulnerability exists within the gateway, allowing an attacker to craft a specialized URL which could steal the user's authentication token. When combined with CVE-2020-6803, an attacker could fully compromise the system."
}
]
}
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://github.com/mozilla-iot/gateway/pull/2446",
"name": "https://github.com/mozilla-iot/gateway/pull/2446"
}
]
},
"solution": [
{
"lang": "eng",
"value": "https://github.com/mozilla-iot/gateway/pull/2446"
}
],
"source": {
"discovery": "EXTERNAL"
},
"work_around": [
{
"lang": "eng",
"value": "* Never share your gateway address publicly.\n* Never click on links which take you to your gateway, especially to the login page."
}
]
}