diff --git a/2020/10xxx/CVE-2020-10135.json b/2020/10xxx/CVE-2020-10135.json
index 3be61505a4c..b04fabf07c1 100644
--- a/2020/10xxx/CVE-2020-10135.json
+++ b/2020/10xxx/CVE-2020-10135.json
@@ -94,6 +94,11 @@
 "refsource": "FULLDISC",
 "name": "20200602 BIAS (Bluetooth Impersonation Attack) CVE 2020-10135 reproduction",
 "url": "http://seclists.org/fulldisclosure/2020/Jun/5"
+ },
+ {
+ "refsource": "MISC",
+ "name": "http://packetstormsecurity.com/files/157922/Bluetooth-Impersonation-Attack-BIAS-Proof-Of-Concept.html",
+ "url": "http://packetstormsecurity.com/files/157922/Bluetooth-Impersonation-Attack-BIAS-Proof-Of-Concept.html"
 }
 ]
 },
diff --git a/2020/10xxx/CVE-2020-10596.json b/2020/10xxx/CVE-2020-10596.json
index 0400ee525bb..2f801cd2379 100644
--- a/2020/10xxx/CVE-2020-10596.json
+++ b/2020/10xxx/CVE-2020-10596.json
@@ -56,6 +56,11 @@
 "url": "https://github.com/opencart/opencart/issues/7810",
 "refsource": "MISC",
 "name": "https://github.com/opencart/opencart/issues/7810"
+ },
+ {
+ "refsource": "MISC",
+ "name": "http://packetstormsecurity.com/files/157908/OpenCart-3.0.3.2-Cross-Site-Scripting.html",
+ "url": "http://packetstormsecurity.com/files/157908/OpenCart-3.0.3.2-Cross-Site-Scripting.html"
 }
 ]
 }
diff --git a/2020/13xxx/CVE-2020-13756.json b/2020/13xxx/CVE-2020-13756.json
index 95ad1c5ca28..14592f3a58c 100644
--- a/2020/13xxx/CVE-2020-13756.json
+++ b/2020/13xxx/CVE-2020-13756.json
@@ -66,6 +66,11 @@
 "refsource": "MISC",
 "name": "http://seclists.org/fulldisclosure/2020/Jun/7",
 "url": "http://seclists.org/fulldisclosure/2020/Jun/7"
+ },
+ {
+ "refsource": "MISC",
+ "name": "http://packetstormsecurity.com/files/157923/Sabberworm-PHP-CSS-Code-Injection.html",
+ "url": "http://packetstormsecurity.com/files/157923/Sabberworm-PHP-CSS-Code-Injection.html"
 }
 ]
 }
diff --git a/2020/13xxx/CVE-2020-13775.json b/2020/13xxx/CVE-2020-13775.json
index 8ff271d428c..9ec9ae71251 100644
--- a/2020/13xxx/CVE-2020-13775.json
+++ b/2020/13xxx/CVE-2020-13775.json
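Review bot: The three added Packet Storm references (in this hunk and in the CVE-2020-10596 and CVE-2020-13756 hunks) use the URL itself as `name` and are tagged `MISC`, so the record does not say what kind of material the link holds, unlike the descriptive `name` on the neighbouring `FULLDISC` entry. A short descriptive title in `name` (the first link is titled as a proof of concept) would let analysts and triage tooling see that public exploit material exists for the CVE without following the link. The links are also plain `http://`; an `https://` form is preferable if the site serves it.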
@@ -34,7 +34,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "ZNC before 1.8.1-rc1 allows attackers to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network."
+ "value": "ZNC 1.8.0 up to 1.8.1-rc1 allows attackers to trigger an application crash (with a NULL pointer dereference) if echo-message is not enabled and there is no network."
 }
 ]
 },
@@ -53,9 +53,14 @@
 "references": {
 "reference_data": [
 {
- "url": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8",
- "refsource": "MISC",
- "name": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8"
+ "refsource": "CONFIRM",
+ "name": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8",
+ "url": "https://github.com/znc/znc/commit/2390ad111bde16a78c98ac44572090b33c3bd2d8"
+ },
+ {
+ "refsource": "CONFIRM",
+ "name": "https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001",
+ "url": "https://github.com/znc/znc/commit/d229761821da38d984a9e4098ad96842490dc001"
 }
 ]
 }
diff --git a/2020/1xxx/CVE-2020-1956.json b/2020/1xxx/CVE-2020-1956.json
index c45336d1c36..670a64b2aad 100644
--- a/2020/1xxx/CVE-2020-1956.json
+++ b/2020/1xxx/CVE-2020-1956.json
@@ -11,15 +11,21 @@
 "vendor": {
 "vendor_data": [
 {
- "vendor_name": "n/a",
+ "vendor_name": "Apache",
 "product": {
 "product_data": [
 {
- "product_name": "Apache Kylin",
+ "product_name": "Kylin",
 "version": {
 "version_data": [
 {
- "version_value": "Apache Kylin 2.3.0 to 2.3.2, 2.4.0 to 2.4.1, 2.5.0 to 2.5.2, 72.6.0 to 2.6.5, 3.0.0-alpha, 3.0.0-alpha2, 3.0.0-beta, 3.0.0 to 3.0.1"
+ "version_value": "2.3.0"
+ },
+ {
+ "version_value": "<=2.6.5"
+ },
+ {
+ "version_value": "<=3.0.1"
 }
 ]
 }
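Review bot: The new CVE-2020-13775 description's `1.8.0 up to 1.8.1-rc1` does not say whether 1.8.1-rc1 itself is affected, where the replaced text (`before 1.8.1-rc1`) clearly excluded it. Anyone deriving a version match from this sentence could flag a fixed build as vulnerable or miss a vulnerable one. State the bound explicitly, e.g. `ZNC 1.8.x before 1.8.1-rc1` or `ZNC 1.8.0 through 1.8.1-rc1`, whichever matches the two fix commits referenced in the next hunk.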
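Review bot: The new `version_data` entries for CVE-2020-1956 lose the lower bounds that the replaced string spelled out (2.3.0 to 2.3.2, 2.4.0 to 2.4.1, and so on): `<=2.6.5` and `<=3.0.1` with no floor read as covering every release below them, including ones before 2.3.0, and `<=3.0.1` already subsumes `<=2.6.5`. The comparison operator is also embedded in `version_value`, which a matcher expecting a bare version string may fail to parse. If the record format in use provides it, carry the operator in a separate field, e.g. `"version_affected": "<=", "version_value": "2.6.5"`, and keep one entry per affected branch with its starting version. The description hunk later in this file (`2.3.0, and releases up to 2.6.5 and 3.0.1`) has the same ambiguity.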
@@ -48,6 +54,11 @@
 "refsource": "MISC",
 "name": "https://lists.apache.org/thread.html/r1332ef34cf8e2c0589cf44ad269fb1fb4c06addec6297f0320f5111d%40%3Cuser.kylin.apache.org%3E",
 "url": "https://lists.apache.org/thread.html/r1332ef34cf8e2c0589cf44ad269fb1fb4c06addec6297f0320f5111d%40%3Cuser.kylin.apache.org%3E"
+ },
+ {
+ "refsource": "MISC",
+ "name": "https://community.sonarsource.com/t/apache-kylin-3-0-1-command-injection-vulnerability/25706",
+ "url": "https://community.sonarsource.com/t/apache-kylin-3-0-1-command-injection-vulnerability/25706"
 }
 ]
 },
@@ -55,7 +66,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "Kylin has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation."
+ "value": "Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation."
 }
 ]
 }
diff --git a/2020/3xxx/CVE-2020-3198.json b/2020/3xxx/CVE-2020-3198.json
index 9e91e98ba5b..ae932a333a7 100644
--- a/2020/3xxx/CVE-2020-3198.json
+++ b/2020/3xxx/CVE-2020-3198.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload.\r For more information about these vulnerabilities, see the Details section of this advisory.\r "
+ "value": "Multiple vulnerabilities in Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, remote attacker or an authenticated, local attacker to execute arbitrary code on an affected system or cause an affected system to crash and reload. For more information about these vulnerabilities, see the Details section of this advisory."
 }
 ]
 },
@@ -84,4 +84,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3199.json b/2020/3xxx/CVE-2020-3199.json
index 5cd7f6dc537..1edab660334 100644
--- a/2020/3xxx/CVE-2020-3199.json
+++ b/2020/3xxx/CVE-2020-3199.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.\r For more information about these vulnerabilities, see the Details section of this advisory.\r "
+ "value": "Multiple vulnerabilities in the Cisco IOx application environment of Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) that are running Cisco IOS Software could allow an attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. For more information about these vulnerabilities, see the Details section of this advisory."
 }
 ]
 },
@@ -84,4 +84,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3200.json b/2020/3xxx/CVE-2020-3200.json
index 73f898bdf2e..1270066cda4 100644
--- a/2020/3xxx/CVE-2020-3200.json
+++ b/2020/3xxx/CVE-2020-3200.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload.\r The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An attacker could exploit this vulnerability by creating an SSH connection to an affected device and using a specific traffic pattern that causes an error condition within that connection. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition.\r "
+ "value": "A vulnerability in the Secure Shell (SSH) server code of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, remote attacker to cause an affected device to reload. The vulnerability is due to an internal state not being represented correctly in the SSH state machine, which leads to an unexpected behavior. An attacker could exploit this vulnerability by creating an SSH connection to an affected device and using a specific traffic pattern that causes an error condition within that connection. A successful exploit could allow an attacker to cause the device to reload, resulting in a denial of service (DoS) condition."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3201.json b/2020/3xxx/CVE-2020-3201.json
index 8600accd0af..7f546d6e094 100644
--- a/2020/3xxx/CVE-2020-3201.json
+++ b/2020/3xxx/CVE-2020-3201.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by executing crafted Tcl arguments on an affected device. An exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. "
+ "value": "A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by executing crafted Tcl arguments on an affected device. An exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3203.json b/2020/3xxx/CVE-2020-3203.json
index a223c7fc9ee..ef0d47628ac 100644
--- a/2020/3xxx/CVE-2020-3203.json
+++ b/2020/3xxx/CVE-2020-3203.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain public key infrastructure (PKI) packets. An attacker could exploit this vulnerability by sending crafted Secure Sockets Layer (SSL) packets to an affected device. A successful exploit could cause an affected device to continuously consume memory, which could result in a memory allocation failure that leads to a crash and causes a DoS condition. "
+ "value": "A vulnerability in the locally significant certificate (LSC) provisioning feature of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak that could lead to a denial of service (DoS) condition. The vulnerability is due to incorrect processing of certain public key infrastructure (PKI) packets. An attacker could exploit this vulnerability by sending crafted Secure Sockets Layer (SSL) packets to an affected device. A successful exploit could cause an affected device to continuously consume memory, which could result in a memory allocation failure that leads to a crash and causes a DoS condition."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3204.json b/2020/3xxx/CVE-2020-3204.json
index 7056b96d33b..fcd2f363db3 100644
--- a/2020/3xxx/CVE-2020-3204.json
+++ b/2020/3xxx/CVE-2020-3204.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to cause memory corruption or execute the code with root privileges on the underlying OS of the affected device. "
+ "value": "A vulnerability in the Tool Command Language (Tcl) interpreter of Cisco IOS Software and Cisco IOS XE Software could allow an authenticated, local attacker with privileged EXEC credentials to execute arbitrary code on the underlying operating system (OS) with root privileges. The vulnerability is due to insufficient input validation of data passed to the Tcl interpreter. An attacker could exploit this vulnerability by loading malicious Tcl code on an affected device. A successful exploit could allow the attacker to cause memory corruption or execute the code with root privileges on the underlying OS of the affected device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3205.json b/2020/3xxx/CVE-2020-3205.json
index 2887c6fe21c..e649a30fc85 100644
--- a/2020/3xxx/CVE-2020-3205.json
+++ b/2020/3xxx/CVE-2020-3205.json
@@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, adjacent attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected device.\r The vulnerability is due to insufficient validation of signaling packets that are destined to VDS. An attacker could exploit this vulnerability by sending malicious packets to an affected device. A successful exploit could allow the attacker to execute arbitrary commands in the context of the Linux shell of VDS with the privileges of the root user. Because the device is designed on a hypervisor architecture, exploitation of a vulnerability that affects the inter-VM channel may lead to a complete system compromise.\r For more information about this vulnerability, see the Details section of this advisory.\r " + "value": "A vulnerability in the implementation of the inter-VM channel of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an unauthenticated, adjacent attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected device. The vulnerability is due to insufficient validation of signaling packets that are destined to VDS. An attacker could exploit this vulnerability by sending malicious packets to an affected device. A successful exploit could allow the attacker to execute arbitrary commands in the context of the Linux shell of VDS with the privileges of the root user. Because the device is designed on a hypervisor architecture, exploitation of a vulnerability that affects the inter-VM channel may lead to a complete system compromise. 
For more information about this vulnerability, see the Details section of this advisory." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3206.json b/2020/3xxx/CVE-2020-3206.json index 9fe542c4bd1..e8577620373 100644 --- a/2020/3xxx/CVE-2020-3206.json +++ b/2020/3xxx/CVE-2020-3206.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the handling of IEEE 802.11w Protected Management Frames (PMFs) of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device. The vulnerability exists because the affected software does not properly validate 802.11w disassociation and deauthentication PMFs that it receives. An attacker could exploit this vulnerability by sending a spoofed 802.11w PMF from a valid, authenticated client on a network adjacent to an affected device. A successful exploit could allow the attacker to terminate a single valid user connection to the affected device. " + "value": "A vulnerability in the handling of IEEE 802.11w Protected Management Frames (PMFs) of Cisco Catalyst 9800 Series Wireless Controllers that are running Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to terminate a valid user connection to an affected device. The vulnerability exists because the affected software does not properly validate 802.11w disassociation and deauthentication PMFs that it receives. An attacker could exploit this vulnerability by sending a spoofed 802.11w PMF from a valid, authenticated client on a network adjacent to an affected device. A successful exploit could allow the attacker to terminate a single valid user connection to the affected device." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file 
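Review bot: In the CVE-2020-3205 description hunk, the added `value` appears to be split by a line break just before `For more information about this vulnerability`, at the point where the removed value had an escaped `\r`. If that is a raw newline or other control character in the committed string rather than an artifact of how this diff was captured, the string is invalid under RFC 8259 and strict parsers will reject the whole record. Replace it with a single space, as in the CVE-2020-3198 and CVE-2020-3199 descriptions, and consider running a JSON lint step over these bulk whitespace clean-ups before they land.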
diff --git a/2020/3xxx/CVE-2020-3207.json b/2020/3xxx/CVE-2020-3207.json
index e233794dee9..c50072b26c5 100644
--- a/2020/3xxx/CVE-2020-3207.json
+++ b/2020/3xxx/CVE-2020-3207.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the processing of boot options of specific Cisco IOS XE Software switches could allow an authenticated, local attacker with root shell access to the underlying operating system (OS) to conduct a command injection attack during device boot.\r This vulnerability is due to insufficient input validation checks while processing boot options. An attacker could exploit this vulnerability by modifying device boot options to execute attacker-provided code. A successful exploit may allow an attacker to bypass the Secure Boot process and execute malicious code on an affected device with root-level privileges.\r "
+ "value": "A vulnerability in the processing of boot options of specific Cisco IOS XE Software switches could allow an authenticated, local attacker with root shell access to the underlying operating system (OS) to conduct a command injection attack during device boot. This vulnerability is due to insufficient input validation checks while processing boot options. An attacker could exploit this vulnerability by modifying device boot options to execute attacker-provided code. A successful exploit may allow an attacker to bypass the Secure Boot process and execute malicious code on an affected device with root-level privileges."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3208.json b/2020/3xxx/CVE-2020-3208.json
index 1199e1f7387..55b5e29c08a 100644
--- a/2020/3xxx/CVE-2020-3208.json
+++ b/2020/3xxx/CVE-2020-3208.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) could allow an authenticated, local attacker to boot a malicious software image on\r an affected device.\r The vulnerability is due to insufficient access restrictions on the area of code that manages the image verification feature. An attacker could exploit this vulnerability by first authenticating to the targeted device and then logging in to the Virtual Device Server (VDS) of an affected device. The attacker could then, from the VDS shell, disable Cisco IOS Software integrity (image) verification.\r A successful exploit could allow the attacker to boot a malicious Cisco IOS Software image on the targeted device. To exploit this vulnerability, the attacker must have valid user credentials at privilege level 15.\r "
+ "value": "A vulnerability in the image verification feature of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) could allow an authenticated, local attacker to boot a malicious software image on an affected device. The vulnerability is due to insufficient access restrictions on the area of code that manages the image verification feature. An attacker could exploit this vulnerability by first authenticating to the targeted device and then logging in to the Virtual Device Server (VDS) of an affected device. The attacker could then, from the VDS shell, disable Cisco IOS Software integrity (image) verification. A successful exploit could allow the attacker to boot a malicious Cisco IOS Software image on the targeted device. To exploit this vulnerability, the attacker must have valid user credentials at privilege level 15."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3209.json b/2020/3xxx/CVE-2020-3209.json
index 1fb7555341a..65799802c7d 100644
--- a/2020/3xxx/CVE-2020-3209.json
+++ b/2020/3xxx/CVE-2020-3209.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in software image verification in Cisco IOS XE Software could allow an unauthenticated, physical attacker to install and boot a malicious software image or execute unsigned binaries on an affected device.\r The vulnerability is due to an improper check on the area of code that manages the verification of the digital signatures\r of system image files during the initial boot process. An attacker could exploit this vulnerability by loading unsigned software on an affected device. A successful exploit could allow the attacker to install and boot a malicious software image or execute unsigned binaries on the targeted device.\r "
+ "value": "A vulnerability in software image verification in Cisco IOS XE Software could allow an unauthenticated, physical attacker to install and boot a malicious software image or execute unsigned binaries on an affected device. The vulnerability is due to an improper check on the area of code that manages the verification of the digital signatures of system image files during the initial boot process. An attacker could exploit this vulnerability by loading unsigned software on an affected device. A successful exploit could allow the attacker to install and boot a malicious software image or execute unsigned binaries on the targeted device."
 }
 ]
 },
@@ -84,4 +84,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3210.json b/2020/3xxx/CVE-2020-3210.json
index 29bdf739f41..0bbfc1f2430 100644
--- a/2020/3xxx/CVE-2020-3210.json
+++ b/2020/3xxx/CVE-2020-3210.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated, local attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected device. The attacker must have valid user credentials at privilege level 15.\r The vulnerability is due to insufficient validation of arguments that are passed to specific VDS-related CLI commands. An attacker could exploit this vulnerability by authenticating to the targeted device and including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands in the context of the Linux shell of VDS with the privileges of the root user. \r "
+ "value": "A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial Integrated Services Routers (Industrial ISRs) and Cisco 1000 Series Connected Grid Routers (CGR1000) could allow an authenticated, local attacker to execute arbitrary shell commands on the Virtual Device Server (VDS) of an affected device. The attacker must have valid user credentials at privilege level 15. The vulnerability is due to insufficient validation of arguments that are passed to specific VDS-related CLI commands. An attacker could exploit this vulnerability by authenticating to the targeted device and including malicious input as the argument of an affected command. A successful exploit could allow the attacker to execute arbitrary commands in the context of the Linux shell of VDS with the privileges of the root user."
 }
 ]
 },
@@ -84,4 +84,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3211.json b/2020/3xxx/CVE-2020-3211.json
index 760cbf64cad..3e48b40b636 100644
--- a/2020/3xxx/CVE-2020-3211.json
+++ b/2020/3xxx/CVE-2020-3211.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device.\r The vulnerability is due to improper input sanitization. An attacker who has valid administrative access to an affected device could exploit this vulnerability by supplying a crafted input parameter on a form in the web UI and then submitting that form. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device, which could lead to complete system compromise.\r "
+ "value": "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An attacker who has valid administrative access to an affected device could exploit this vulnerability by supplying a crafted input parameter on a form in the web UI and then submitting that form. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the device, which could lead to complete system compromise."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3212.json b/2020/3xxx/CVE-2020-3212.json
index 63c96d2313f..2dc669482b0 100644
--- a/2020/3xxx/CVE-2020-3212.json
+++ b/2020/3xxx/CVE-2020-3212.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device.\r The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by uploading a crafted file to the web UI of an affected device. A successful exploit could allow the attacker to inject and execute arbitrary commands with root privileges on the device.\r "
+ "value": "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to execute arbitrary commands with root privileges on the underlying operating system of an affected device. The vulnerability is due to improper input sanitization. An attacker could exploit this vulnerability by uploading a crafted file to the web UI of an affected device. A successful exploit could allow the attacker to inject and execute arbitrary commands with root privileges on the device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3213.json b/2020/3xxx/CVE-2020-3213.json
index 38411c724af..a983bf29b74 100644
--- a/2020/3xxx/CVE-2020-3213.json
+++ b/2020/3xxx/CVE-2020-3213.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. An attacker could exploit this vulnerability by sending parameters to the device at initial boot up. An exploit could allow the attacker to elevate from a Priv15 user to the root user and execute arbitrary commands with the privileges of the root user. "
+ "value": "A vulnerability in the ROMMON of Cisco IOS XE Software could allow an authenticated, local attacker to elevate privileges to those of the root user of the underlying operating system. The vulnerability is due to the ROMMON allowing for special parameters to be passed to the device at initial boot up. An attacker could exploit this vulnerability by sending parameters to the device at initial boot up. An exploit could allow the attacker to elevate from a Priv15 user to the root user and execute arbitrary commands with the privileges of the root user."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3214.json b/2020/3xxx/CVE-2020-3214.json
index 593b0fa3155..44269fe8f32 100644
--- a/2020/3xxx/CVE-2020-3214.json
+++ b/2020/3xxx/CVE-2020-3214.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to load malicious software onto an affected device. "
+ "value": "A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to escalate their privileges to a user with root-level privileges. The vulnerability is due to insufficient validation of user-supplied content. This vulnerability could allow an attacker to load malicious software onto an affected device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3215.json b/2020/3xxx/CVE-2020-3215.json
index 7d1476b30e1..ee313eaca4a 100644
--- a/2020/3xxx/CVE-2020-3215.json
+++ b/2020/3xxx/CVE-2020-3215.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the Virtual Services Container of Cisco IOS XE Software could allow an authenticated, local attacker to gain root-level privileges on an affected device. The vulnerability is due to insufficient validation of a user-supplied open virtual appliance (OVA). An attacker could exploit this vulnerability by installing a malicious OVA on an affected device. "
+ "value": "A vulnerability in the Virtual Services Container of Cisco IOS XE Software could allow an authenticated, local attacker to gain root-level privileges on an affected device. The vulnerability is due to insufficient validation of a user-supplied open virtual appliance (OVA). An attacker could exploit this vulnerability by installing a malicious OVA on an affected device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3216.json b/2020/3xxx/CVE-2020-3216.json
index cc36e06c170..9d2a2be3fef 100644
--- a/2020/3xxx/CVE-2020-3216.json
+++ b/2020/3xxx/CVE-2020-3216.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device. "
+ "value": "A vulnerability in Cisco IOS XE SD-WAN Software could allow an unauthenticated, physical attacker to bypass authentication and gain unrestricted access to the root shell of an affected device. The vulnerability exists because the affected software has insufficient authentication mechanisms for certain commands. An attacker could exploit this vulnerability by stopping the boot initialization of an affected device. A successful exploit could allow the attacker to bypass authentication and gain unrestricted access to the root shell of the affected device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3217.json b/2020/3xxx/CVE-2020-3217.json
index 90e0886e832..29eaea6e36f 100644
--- a/2020/3xxx/CVE-2020-3217.json
+++ b/2020/3xxx/CVE-2020-3217.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device.\r The vulnerability is due to insufficient length restrictions when the onePK Topology Discovery Service parses Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol message to an affected device. An exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges, or to cause a process crash, which could result in a reload of the device and cause a DoS condition.\r "
+ "value": "A vulnerability in the Topology Discovery Service of Cisco One Platform Kit (onePK) in Cisco IOS Software, Cisco IOS XE Software, Cisco IOS XR Software, and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to insufficient length restrictions when the onePK Topology Discovery Service parses Cisco Discovery Protocol messages. An attacker could exploit this vulnerability by sending a malicious Cisco Discovery Protocol message to an affected device. An exploit could allow the attacker to cause a stack overflow, which could allow the attacker to execute arbitrary code with administrative privileges, or to cause a process crash, which could result in a reload of the device and cause a DoS condition."
 }
 ]
 },
@@ -87,4 +87,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3218.json b/2020/3xxx/CVE-2020-3218.json
index 80258156595..998f32d578d 100644
--- a/2020/3xxx/CVE-2020-3218.json
+++ b/2020/3xxx/CVE-2020-3218.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code with root privileges on the underlying Linux shell.\r The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by first creating a malicious file on the affected device itself and then uploading a second malicious file to the device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or bypass licensing requirements on the device.\r "
+ "value": "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to execute arbitrary code with root privileges on the underlying Linux shell. The vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by first creating a malicious file on the affected device itself and then uploading a second malicious file to the device. A successful exploit could allow the attacker to execute arbitrary code with root privileges or bypass licensing requirements on the device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3219.json b/2020/3xxx/CVE-2020-3219.json
index 1d3c6a50497..fa5cb34bf2d 100644
--- a/2020/3xxx/CVE-2020-3219.json
+++ b/2020/3xxx/CVE-2020-3219.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device.\r The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input to the web UI. A successful exploit could allow an attacker to execute arbitrary commands with administrative privileges on an affected device.\r "
+ "value": "A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote attacker to inject and execute arbitrary commands with administrative privileges on the underlying operating system of an affected device. The vulnerability is due to insufficient validation of user-supplied input to the web UI. An attacker could exploit this vulnerability by submitting crafted input to the web UI. A successful exploit could allow an attacker to execute arbitrary commands with administrative privileges on an affected device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3220.json b/2020/3xxx/CVE-2020-3220.json
index 06fc1869359..a7ab2e02ae5 100644
--- a/2020/3xxx/CVE-2020-3220.json
+++ b/2020/3xxx/CVE-2020-3220.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The vulnerability is due to insufficient verification of authenticity of received Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by tampering with ESP cleartext values as a man-in-the-middle. "
+ "value": "A vulnerability in the hardware crypto driver of Cisco IOS XE Software for Cisco 4300 Series Integrated Services Routers and Cisco Catalyst 9800-L Wireless Controllers could allow an unauthenticated, remote attacker to disconnect legitimate IPsec VPN sessions to an affected device. The vulnerability is due to insufficient verification of authenticity of received Encapsulating Security Payload (ESP) packets. An attacker could exploit this vulnerability by tampering with ESP cleartext values as a man-in-the-middle."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3221.json b/2020/3xxx/CVE-2020-3221.json
index e97b0693f4a..5bf86b1d244 100644
--- a/2020/3xxx/CVE-2020-3221.json
+++ b/2020/3xxx/CVE-2020-3221.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.\r The vulnerability is due to improper validation of parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by sending a malformed Flexible NetFlow Version 9 packet to the Control and Provisioning of Wireless Access Points (CAPWAP) data port of an affected device. An exploit could allow the attacker to trigger an infinite loop, resulting in a process crash that would cause a reload of the device.\r "
+ "value": "A vulnerability in the Flexible NetFlow Version 9 packet processor of Cisco IOS XE Software for Cisco Catalyst 9800 Series Wireless Controllers could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to improper validation of parameters in a Flexible NetFlow Version 9 record. An attacker could exploit this vulnerability by sending a malformed Flexible NetFlow Version 9 packet to the Control and Provisioning of Wireless Access Points (CAPWAP) data port of an affected device. An exploit could allow the attacker to trigger an infinite loop, resulting in a process crash that would cause a reload of the device."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3222.json b/2020/3xxx/CVE-2020-3222.json
index df2ef575fd2..4403c1e2cea 100644
--- a/2020/3xxx/CVE-2020-3222.json
+++ b/2020/3xxx/CVE-2020-3222.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass access control restrictions on an affected device. The vulnerability is due to the presence of a proxy service at a specific endpoint of the web UI. An attacker could exploit this vulnerability by connecting to the proxy service. An exploit could allow the attacker to bypass access restrictions on the network by proxying their access request through the management network of the affected device. As the proxy is reached over the management virtual routing and forwarding (VRF), this could reduce the effectiveness of the bypass. "
+ "value": "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to bypass access control restrictions on an affected device. The vulnerability is due to the presence of a proxy service at a specific endpoint of the web UI. An attacker could exploit this vulnerability by connecting to the proxy service. An exploit could allow the attacker to bypass access restrictions on the network by proxying their access request through the management network of the affected device. As the proxy is reached over the management virtual routing and forwarding (VRF), this could reduce the effectiveness of the bypass."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3223.json b/2020/3xxx/CVE-2020-3223.json
index 6a04886ba3c..318c91de6ab 100644
--- a/2020/3xxx/CVE-2020-3223.json
+++ b/2020/3xxx/CVE-2020-3223.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the filesystem and then accessing it through the web UI. An exploit could allow the attacker to read arbitrary files from the underlying operating system's filesystem. "
+ "value": "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with administrative privileges to read arbitrary files on the underlying filesystem of the device. The vulnerability is due to insufficient file scope limiting. An attacker could exploit this vulnerability by creating a specific file reference on the filesystem and then accessing it through the web UI. An exploit could allow the attacker to read arbitrary files from the underlying operating system's filesystem."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3224.json b/2020/3xxx/CVE-2020-3224.json
index 4c1f5bd2ce9..4e1746c8a52 100644
--- a/2020/3xxx/CVE-2020-3224.json
+++ b/2020/3xxx/CVE-2020-3224.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to inject IOS commands to an affected device. The injected commands should require a higher privilege level in order to be executed. \r The vulnerability is due to insufficient input validation of specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a specific web UI endpoint on an affected device. A successful exploit could allow the attacker to inject IOS commands to the affected device, which could allow the attacker to alter the configuration of the device or cause a denial of service (DoS) condition.\r "
+ "value": "A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker with read-only privileges to inject IOS commands to an affected device. The injected commands should require a higher privilege level in order to be executed. The vulnerability is due to insufficient input validation of specific HTTP requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a specific web UI endpoint on an affected device. A successful exploit could allow the attacker to inject IOS commands to the affected device, which could allow the attacker to alter the configuration of the device or cause a denial of service (DoS) condition."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3225.json b/2020/3xxx/CVE-2020-3225.json
index 87bf7a9adc5..046f277fd29 100644
--- a/2020/3xxx/CVE-2020-3225.json
+++ b/2020/3xxx/CVE-2020-3225.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.\r The vulnerabilities are due to insufficient input processing of CIP traffic. An attacker could exploit these vulnerabilities by sending crafted CIP traffic to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.\r "
+ "value": "Multiple vulnerabilities in the implementation of the Common Industrial Protocol (CIP) feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerabilities are due to insufficient input processing of CIP traffic. An attacker could exploit these vulnerabilities by sending crafted CIP traffic to be processed by an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
 }
 ]
 },
@@ -86,4 +86,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3226.json b/2020/3xxx/CVE-2020-3226.json
index aff429fcf35..69658ca66f4 100644
--- a/2020/3xxx/CVE-2020-3226.json
+++ b/2020/3xxx/CVE-2020-3226.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sanity checks on received SIP messages. An attacker could exploit this vulnerability by sending crafted SIP messages to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service condition.\r "
+ "value": "A vulnerability in the Session Initiation Protocol (SIP) library of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to insufficient sanity checks on received SIP messages. An attacker could exploit this vulnerability by sending crafted SIP messages to an affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service condition."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3227.json b/2020/3xxx/CVE-2020-3227.json
index 2cbbc553854..2cd14c7c04f 100644
--- a/2020/3xxx/CVE-2020-3227.json
+++ b/2020/3xxx/CVE-2020-3227.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute Cisco IOx API commands without proper authorization.\r The vulnerability is due to incorrect handling of requests for authorization tokens. An attacker could exploit this vulnerability by using a crafted API call to request such a token. An exploit could allow the attacker to obtain an authorization token and execute any of the IOx API commands on an affected device.\r "
+ "value": "A vulnerability in the authorization controls for the Cisco IOx application hosting infrastructure in Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute Cisco IOx API commands without proper authorization. The vulnerability is due to incorrect handling of requests for authorization tokens. An attacker could exploit this vulnerability by using a crafted API call to request such a token. An exploit could allow the attacker to obtain an authorization token and execute any of the IOx API commands on an affected device."
 }
 ]
 },
@@ -84,4 +84,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3228.json b/2020/3xxx/CVE-2020-3228.json
index 2221d2c6d5a..76b29ba4776 100644
--- a/2020/3xxx/CVE-2020-3228.json
+++ b/2020/3xxx/CVE-2020-3228.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because crafted SXP packets are mishandled. An attacker could exploit this vulnerability by sending specifically crafted SXP packets to the affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition. "
+ "value": "A vulnerability in Security Group Tag Exchange Protocol (SXP) in Cisco IOS Software, Cisco IOS XE Software, and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability exists because crafted SXP packets are mishandled. An attacker could exploit this vulnerability by sending specifically crafted SXP packets to the affected device. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
 }
 ]
 },
@@ -85,4 +85,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3229.json b/2020/3xxx/CVE-2020-3229.json
index afbf523efbd..8fefe296675 100644
--- a/2020/3xxx/CVE-2020-3229.json
+++ b/2020/3xxx/CVE-2020-3229.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user.\r The vulnerability is due to incorrect handling of RBAC for the administration GUI. An attacker could exploit this vulnerability by sending a modified HTTP request to the affected device. An exploit could allow the attacker as a Read-Only user to execute CLI commands or configuration changes as if they were an Admin user.\r "
+ "value": "A vulnerability in Role Based Access Control (RBAC) functionality of Cisco IOS XE Web Management Software could allow a Read-Only authenticated, remote attacker to execute commands or configuration changes as an Admin user. The vulnerability is due to incorrect handling of RBAC for the administration GUI. An attacker could exploit this vulnerability by sending a modified HTTP request to the affected device. An exploit could allow the attacker as a Read-Only user to execute CLI commands or configuration changes as if they were an Admin user."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3230.json b/2020/3xxx/CVE-2020-3230.json
index 6515db7687c..4e3cf6cfaf5 100644
--- a/2020/3xxx/CVE-2020-3230.json
+++ b/2020/3xxx/CVE-2020-3230.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": "\r A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations.\r The vulnerability is due to incorrect handling of crafted IKEv2 SA-Init packets. An attacker could exploit this vulnerability by sending crafted IKEv2 SA-Init packets to the affected device. An exploit could allow the attacker to cause the affected device to reach the maximum incoming negotiation limits and prevent further IKEv2 security associations from being formed.\r "
+ "value": "A vulnerability in the Internet Key Exchange Version 2 (IKEv2) implementation in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to prevent IKEv2 from establishing new security associations. The vulnerability is due to incorrect handling of crafted IKEv2 SA-Init packets. An attacker could exploit this vulnerability by sending crafted IKEv2 SA-Init packets to the affected device. An exploit could allow the attacker to cause the affected device to reach the maximum incoming negotiation limits and prevent further IKEv2 security associations from being formed."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3231.json b/2020/3xxx/CVE-2020-3231.json
index 72ededb42cf..43368855ab8 100644
--- a/2020/3xxx/CVE-2020-3231.json
+++ b/2020/3xxx/CVE-2020-3231.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is received on the 802.1X-enabled port is mishandled. An attacker could exploit this vulnerability by sending broadcast traffic on the port before being authenticated. A successful exploit could allow the attacker to send and receive broadcast traffic on the 802.1X-enabled port before authentication. "
+ "value": "A vulnerability in the 802.1X feature of Cisco Catalyst 2960-L Series Switches and Cisco Catalyst CDB-8P Switches could allow an unauthenticated, adjacent attacker to forward broadcast traffic before being authenticated on the port. The vulnerability exists because broadcast traffic that is received on the 802.1X-enabled port is mishandled. An attacker could exploit this vulnerability by sending broadcast traffic on the port before being authenticated. A successful exploit could allow the attacker to send and receive broadcast traffic on the 802.1X-enabled port before authentication."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3232.json b/2020/3xxx/CVE-2020-3232.json
index c2255a93a15..9016ae67a60 100644
--- a/2020/3xxx/CVE-2020-3232.json
+++ b/2020/3xxx/CVE-2020-3232.json
@@ -36,7 +36,7 @@
 "description_data": [
 {
 "lang": "eng",
- "value": " A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attacker could exploit this vulnerability by sending a request for Cisco Discovery Protocol information by using SNMP. An exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition. "
+ "value": "A vulnerability in the Simple Network Management Protocol (SNMP) implementation in Cisco ASR 920 Series Aggregation Services Router model ASR920-12SZ-IM could allow an authenticated, remote attacker to cause the device to reload. The vulnerability is due to incorrect handling of data that is returned for Cisco Discovery Protocol queries to SNMP. An attacker could exploit this vulnerability by sending a request for Cisco Discovery Protocol information by using SNMP. An exploit could allow the attacker to cause the affected device to reload, resulting in a denial of service (DoS) condition."
 }
 ]
 },
@@ -83,4 +83,4 @@
 ],
 "discovery": "INTERNAL"
 }
-}
+}
\ No newline at end of file
diff --git a/2020/3xxx/CVE-2020-3956.json b/2020/3xxx/CVE-2020-3956.json
index d271728ff12..70e642f7e6c 100644
--- a/2020/3xxx/CVE-2020-3956.json
+++ b/2020/3xxx/CVE-2020-3956.json
@@ -58,6 +58,11 @@
 "refsource": "MISC",
 "name": "https://github.com/aaronsvk/CVE-2020-3956",
 "url": "https://github.com/aaronsvk/CVE-2020-3956"
+ },
+ {
+ "refsource": "MISC",
+ "name": "http://packetstormsecurity.com/files/157909/vCloud-Director-9.7.0.15498291-Remote-Code-Execution.html",
+ "url": "http://packetstormsecurity.com/files/157909/vCloud-Director-9.7.0.15498291-Remote-Code-Execution.html"
 }
 ]
 },
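Review bot: The reference added in the CVE-2020-3956.json hunk records a cleartext `http://` address in both `name` and `url`, while the neighbouring github.com reference in the same array uses `https://`. Tooling that follows reference links from these records would fetch the page over an unauthenticated channel, so it is worth confirming whether the host serves the same path over TLS and, if it does, recording `"url": "https://packetstormsecurity.com/files/157909/vCloud-Director-9.7.0.15498291-Remote-Code-Execution.html"` instead. The same applies to the packetstormsecurity.com entry added in the CVE-2020-9484.json hunk.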
diff --git a/2020/9xxx/CVE-2020-9484.json b/2020/9xxx/CVE-2020-9484.json
index 19e4f55b4d4..402e6a51bbf 100644
--- a/2020/9xxx/CVE-2020-9484.json
+++ b/2020/9xxx/CVE-2020-9484.json
@@ -88,6 +88,11 @@
 "refsource": "FULLDISC",
 "name": "20200602 [CVE-2020-9484] Apache Tomcat RCE via PersistentManager",
 "url": "http://seclists.org/fulldisclosure/2020/Jun/6"
+ },
+ {
+ "refsource": "MISC",
+ "name": "http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html",
+ "url": "http://packetstormsecurity.com/files/157924/Apache-Tomcat-CVE-2020-9484-Proof-Of-Concept.html"
 }
 ]
 },