admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-06-03 13:01:32 +00:00
parent c8bd8adb32
commit 2373d52517
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
17 changed files with 218 additions and 33 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
2018/13xxx/CVE-2018-13367.json
View File

@ -11,15 +11,18 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "Fortinet FortiOS",
"product_name": "FortiOS",
"version": {
"version_data": [
{
"version_value": "FortiOS 6.2.0 and below"
"version_value": "6.2.3"
},
{
"version_value": "6.2.0 and below"
}
]
}
@ -55,7 +58,7 @@
"description_data": [
{
"lang": "eng",
"value": "An information exposure vulnerability in FortiOS 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI."
"value": "An information exposure vulnerability in FortiOS 6.2.3, 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI."
}
]
}

50
2020/1xxx/CVE-2020-1963.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-1963",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@apache.org",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "Apache Ignite",
"version": {
"version_data": [
{
"version_value": "All versions of Apache Ignite up to 2.8"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://lists.apache.org/thread.html/r1933faf8a26c431f38a5f8dbbfab80254454e54e33a79be474b67dc4%40%3Cdev.ignite.apache.org%3E",
"url": "https://lists.apache.org/thread.html/r1933faf8a26c431f38a5f8dbbfab80254454e54e33a79be474b67dc4%40%3Cdev.ignite.apache.org%3E"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Apache Ignite uses H2 database to build SQL distributed execution engine. H2 provides SQL functions which could be used by attacker to access to a filesystem."
}
]
}

3
2020/2xxx/CVE-2020-2190.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2190",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2191.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2191",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2192.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2192",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2193.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2193",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2194.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2194",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2195.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2195",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2196.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2196",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2197.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2197",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2198.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2198",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2199.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2199",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

3
2020/2xxx/CVE-2020-2200.json
View File

@ -1,7 +1,8 @@
{
"CVE_data_meta": {
"ID": "CVE-2020-2200",
"ASSIGNER": "jenkinsci-cert@googlegroups.com"
"ASSIGNER": "jenkinsci-cert@googlegroups.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {

50
2020/7xxx/CVE-2020-7115.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7115",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ClearPass Policy Manager",
"version": {
"version_data": [
{
"version_value": "ClearPass 6.9.x prior to 6.9.1 ClearPass 6.8.x prior to 6.8.5-HF ClearPass 6.7.x prior to 6.7.13-HF"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Unauthenticated Remote Command Execution in the Web Interface"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-005.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-005.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ClearPass Policy Manager web interface is affected by a vulnerability that leads to authentication bypass. Upon successful bypass an attacker could then execute an exploit that would allow to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher."
}
]
}

50
2020/7xxx/CVE-2020-7116.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7116",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ClearPass Policy Manager",
"version": {
"version_data": [
{
"version_value": "ClearPass 6.9.x prior to 6.9.1 ClearPass 6.8.x prior to 6.8.5-HF ClearPass 6.7.x prior to 6.7.13-HF"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authenticated Remote Command Execution "
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-005.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-005.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher."
}
]
}

50
2020/7xxx/CVE-2020-7117.json
View File

@ -4,14 +4,58 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7117",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security-alert@hpe.com",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "n/a",
"product": {
"product_data": [
{
"product_name": "ClearPass Policy Manager",
"version": {
"version_data": [
{
"version_value": "ClearPass 6.9.x prior to 6.9.1 ClearPass 6.8.x prior to 6.8.5-HF ClearPass 6.7.x prior to 6.7.13-HF"
}
]
}
}
]
}
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Authenticated Remote Command Execution "
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-005.txt",
"url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2020-005.txt"
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The ClearPass Policy Manager WebUI administrative interface has an authenticated command remote execution. When the attacker is already authenticated to the administrative interface, they could then exploit the system, leading to remote command execution in the underlying operating system. Resolution: Fixed in 6.7.13-HF, 6.8.5-HF, 6.8.6, 6.9.1 and higher."
}
]
}

7
2020/7xxx/CVE-2020-7628.json
View File

@ -44,11 +44,6 @@
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/1000ch/install-package/blob/master/index.js#L82,",
"url": "https://github.com/1000ch/install-package/blob/master/index.js#L82,"
},
{
"refsource": "MISC",
"name": "https://snyk.io/vuln/SNYK-JS-UMOUNT-564265",
@ -60,7 +55,7 @@
"description_data": [
{
"lang": "eng",
"value": "install-package through 1.1.6 is vulnerable to Command Injection. It allows execution of arbitrary commands via the device function."
"value": "umount through 1.1.6 is vulnerable to Command Injection. The argument device can be controlled by users without any sanitization."
}
]
}