From 1d29593ba13c570b4ea530960deb8d1b31dc9883 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 14 May 2020 20:01:15 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/12xxx/CVE-2020-12874.json | 76 ++++++++++++++++++++++++++++++++++ 2020/12xxx/CVE-2020-12875.json | 76 ++++++++++++++++++++++++++++++++++ 2020/12xxx/CVE-2020-12876.json | 76 ++++++++++++++++++++++++++++++++++ 2020/12xxx/CVE-2020-12877.json | 76 ++++++++++++++++++++++++++++++++++ 2020/12xxx/CVE-2020-12878.json | 18 ++++++++ 2020/8xxx/CVE-2020-8840.json | 10 +++++ 2020/9xxx/CVE-2020-9488.json | 10 +++++ 7 files changed, 342 insertions(+) create mode 100644 2020/12xxx/CVE-2020-12874.json create mode 100644 2020/12xxx/CVE-2020-12875.json create mode 100644 2020/12xxx/CVE-2020-12876.json create mode 100644 2020/12xxx/CVE-2020-12877.json create mode 100644 2020/12xxx/CVE-2020-12878.json diff --git a/2020/12xxx/CVE-2020-12874.json b/2020/12xxx/CVE-2020-12874.json new file mode 100644 index 00000000000..87b83bc137d --- /dev/null +++ b/2020/12xxx/CVE-2020-12874.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-12874", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Veritas APTARE versions prior to 10.4 included code that bypassed the normal login process when specific authentication credentials were provided to the server." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS20-003", + "refsource": "MISC", + "name": "https://www.veritas.com/content/support/en_US/security/VTS20-003" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:N/S:U/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2020/12xxx/CVE-2020-12875.json b/2020/12xxx/CVE-2020-12875.json new file mode 100644 index 00000000000..6d4d47203e3 --- /dev/null +++ b/2020/12xxx/CVE-2020-12875.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-12875", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Veritas APTARE versions prior to 10.4 did not perform adequate authorization checks. An authenticated user could gain unauthorized access to sensitive information or functionality by manipulating specific parameters within the application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS20-003", + "refsource": "MISC", + "name": "https://www.veritas.com/content/support/en_US/security/VTS20-003" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:L/C:L/I:L/PR:L/S:U/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2020/12xxx/CVE-2020-12876.json b/2020/12xxx/CVE-2020-12876.json new file mode 100644 index 00000000000..616d6f5e76a --- /dev/null +++ b/2020/12xxx/CVE-2020-12876.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-12876", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Veritas APTARE versions prior to 10.4 allowed remote users to access several unintended files on the server. This vulnerability only impacts Windows server deployments." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS20-003", + "refsource": "MISC", + "name": "https://www.veritas.com/content/support/en_US/security/VTS20-003" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "LOW", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:L/I:N/PR:N/S:U/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2020/12xxx/CVE-2020-12877.json b/2020/12xxx/CVE-2020-12877.json new file mode 100644 index 00000000000..36c01a1b306 --- /dev/null +++ b/2020/12xxx/CVE-2020-12877.json @@ -0,0 +1,76 @@ +{ + "CVE_data_meta": { + "ASSIGNER": "cve@mitre.org", + "ID": "CVE-2020-12877", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Veritas APTARE versions prior to 10.4 allowed sensitive information to be accessible without authentication." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.veritas.com/content/support/en_US/security/VTS20-003", + "refsource": "MISC", + "name": "https://www.veritas.com/content/support/en_US/security/VTS20-003" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "NONE", + "confidentialityImpact": "HIGH", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N", + "version": "3.0" + } + } +} \ No newline at end of file diff --git a/2020/12xxx/CVE-2020-12878.json b/2020/12xxx/CVE-2020-12878.json new file mode 100644 index 00000000000..6d523d79582 --- /dev/null +++ b/2020/12xxx/CVE-2020-12878.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-12878", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2020/8xxx/CVE-2020-8840.json b/2020/8xxx/CVE-2020-8840.json index ccf84b90eb3..0327d3a4232 100644 --- a/2020/8xxx/CVE-2020-8840.json +++ b/2020/8xxx/CVE-2020-8840.json @@ -241,6 +241,16 @@ "refsource": "MLIST", "name": "[ranger-dev] 20200514 [jira] [Updated] (RANGER-2770) Upgrade jackson-databind to version 2.10.0 [CVE-2020-8840] - (Ranger)", "url": "https://lists.apache.org/thread.html/rb73708bf714ed6dbc1212da082e7703e586077f0c92f3940b2e82caf@%3Cdev.ranger.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[kafka-dev] 20200514 [jira] [Created] (KAFKA-9996) upgrade zookeeper to 3.5.8 to address security vulnerabilities", + "url": "https://lists.apache.org/thread.html/r7e5c10534ed06bf805473ac85e8412fe3908a8fa4cabf5027bf11220@%3Cdev.kafka.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[kafka-jira] 20200514 [jira] [Created] (KAFKA-9996) upgrade zookeeper to 3.5.8 to address security vulnerabilities", + "url": "https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E" } ] } diff --git a/2020/9xxx/CVE-2020-9488.json b/2020/9xxx/CVE-2020-9488.json index 242ef227614..7942bfea30d 100644 --- a/2020/9xxx/CVE-2020-9488.json +++ b/2020/9xxx/CVE-2020-9488.json @@ -118,6 +118,16 @@ "refsource": "MLIST", "name": "[zookeeper-notifications] 20200504 [GitHub] [zookeeper] symat commented on pull request #1346: ZOOKEEPER-3817: suppress log4j SmtpAppender related CVE-2020-9488", "url": "https://lists.apache.org/thread.html/rc6b81c013618d1de1b5d6b8c1088aaf87b4bacc10c2371f15a566701@%3Cnotifications.zookeeper.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[kafka-dev] 20200514 [jira] [Created] (KAFKA-9996) upgrade zookeeper to 3.5.8 to address security vulnerabilities", + "url": "https://lists.apache.org/thread.html/r7e5c10534ed06bf805473ac85e8412fe3908a8fa4cabf5027bf11220@%3Cdev.kafka.apache.org%3E" + }, + { + "refsource": "MLIST", + "name": "[kafka-jira] 20200514 [jira] [Created] (KAFKA-9996) upgrade zookeeper to 3.5.8 to address security vulnerabilities", + "url": "https://lists.apache.org/thread.html/r8e96c340004b7898cad3204ea51280ef6e4b553a684e1452bf1b18b1@%3Cjira.kafka.apache.org%3E" } ] },