From 411f43da2cbbfc66b2345eededc2a8a9996c0d0f Mon Sep 17 00:00:00 2001 From: santosomar Date: Wed, 1 Jul 2020 19:57:10 +0000 Subject: [PATCH 1/5] Adding Cisco CVE-2020-3297 --- 2020/3xxx/CVE-2020-3297.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2020/3xxx/CVE-2020-3297.json b/2020/3xxx/CVE-2020-3297.json index 521b55a86d6..00593ef19a6 100644 --- a/2020/3xxx/CVE-2020-3297.json +++ b/2020/3xxx/CVE-2020-3297.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2020-07-01T16:00:00", "ID": "CVE-2020-3297", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Small Business Smart and Managed Switches Session Management Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Small Business 200 Series Smart Switches ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\r A vulnerability in session management for the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to defeat authentication protections and gain unauthorized access to the management interface. The attacker could obtain the privileges of the highjacked session account, which could include administrator privileges on the device.\r The vulnerability is due to the use of weak entropy generation for session identifier values. An attacker could exploit this vulnerability to determine a current session identifier through brute force and reuse that session identifier to take over an ongoing session. In this way, an attacker could take actions within the management interface with privileges up to the level of the administrative user.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "8.1", + "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-287" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20200701 Cisco Small Business Smart and Managed Switches Session Management Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-sbswitch-session-JZAS5jnY" + } + ] + }, + "source": { + "advisory": "cisco-sa-sbswitch-session-JZAS5jnY", + "defect": [ + [ + "CSCvt53117" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 469c4345f8852146174262e960ee45ebb087a1ee Mon Sep 17 00:00:00 2001 From: santosomar Date: Wed, 1 Jul 2020 19:57:21 +0000 Subject: [PATCH 2/5] Adding Cisco CVE-2020-3340 --- 2020/3xxx/CVE-2020-3340.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2020/3xxx/CVE-2020-3340.json b/2020/3xxx/CVE-2020-3340.json index 969ed209c94..b11d099a775 100644 --- a/2020/3xxx/CVE-2020-3340.json +++ b/2020/3xxx/CVE-2020-3340.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2020-07-01T16:00:00", "ID": "CVE-2020-3340", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Identity Services Engine Software ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\r Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface.\r These vulnerabilities are due to insufficient validation of user-supplied input that is processed by the web-based management interface. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. To exploit these vulnerabilities, an attacker would need valid administrative credentials.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of these vulnerabilities that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "4.8", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20200701 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mlt-ise-strd-xss-nqFhTtx7" + } + ] + }, + "source": { + "advisory": "cisco-sa-mlt-ise-strd-xss-nqFhTtx7", + "defect": [ + [ + "CSCvs96516" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From ed599ac98403c501263107eeac91c237aa0cbb67 Mon Sep 17 00:00:00 2001 From: santosomar Date: Wed, 1 Jul 2020 19:57:33 +0000 Subject: [PATCH 3/5] Adding Cisco CVE-2020-3391 --- 2020/3xxx/CVE-2020-3391.json | 82 +++++++++++++++++++++++++++++++++--- 1 file changed, 75 insertions(+), 7 deletions(-) diff --git a/2020/3xxx/CVE-2020-3391.json b/2020/3xxx/CVE-2020-3391.json index a9276bde5aa..4639f08a5b9 100644 --- a/2020/3xxx/CVE-2020-3391.json +++ b/2020/3xxx/CVE-2020-3391.json @@ -1,18 +1,86 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2020-07-01T16:00:00", "ID": "CVE-2020-3391", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Digital Network Architecture Center Information Disclosure Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Digital Network Architecture Center (DNA Center) ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\r A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text.\r The vulnerability is due to insecure storage of certain unencrypted credentials on an affected device. An attacker could exploit this vulnerability by viewing the network device configuration and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to use those credentials to discover and manage network devices.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "6.5", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-200" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20200701 Cisco Digital Network Architecture Center Information Disclosure Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-dnac-info-disc-6xsCyDYy" + } + ] + }, + "source": { + "advisory": "cisco-sa-dnac-info-disc-6xsCyDYy", + "defect": [ + [ + "CSCvn19092" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From 931ff2973f9367f1db2e9f1374e00fdddcf2d910 Mon Sep 17 00:00:00 2001 From: santosomar Date: Wed, 1 Jul 2020 19:57:44 +0000 Subject: [PATCH 4/5] Adding Cisco CVE-2020-3402 --- 2020/3xxx/CVE-2020-3402.json | 83 +++++++++++++++++++++++++++++++++--- 1 file changed, 76 insertions(+), 7 deletions(-) diff --git a/2020/3xxx/CVE-2020-3402.json b/2020/3xxx/CVE-2020-3402.json index 3c5fa402fa7..e08d6440446 100644 --- a/2020/3xxx/CVE-2020-3402.json +++ b/2020/3xxx/CVE-2020-3402.json @@ -1,18 +1,87 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "ASSIGNER": "psirt@cisco.com", + "DATE_PUBLIC": "2020-07-01T16:00:00", "ID": "CVE-2020-3402", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Cisco Unified Customer Voice Portal Information Disclosure Vulnerability" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "Cisco Unified IP Interactive Voice Response (IVR) ", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "Cisco" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "\r A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r The vulnerability exists because certain RMI listeners are not properly authenticated. An attacker could exploit this vulnerability by sending a crafted request to the affected listener. A successful exploit could allow the attacker to access sensitive information on an affected device.\r " } ] + }, + "exploit": [ + { + "lang": "eng", + "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory. " + } + ], + "impact": { + "cvss": { + "baseScore": "5.3", + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N ", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-306" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "20200701 Cisco Unified Customer Voice Portal Information Disclosure Vulnerability", + "refsource": "CISCO", + "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-cvp-info-dislosure-NZBEwj9V" + } + ] + }, + "source": { + "advisory": "cisco-sa-cvp-info-dislosure-NZBEwj9V", + "defect": [ + [ + "CSCvp98656", + "CSCvt45220" + ] + ], + "discovery": "INTERNAL" } -} \ No newline at end of file +} From a56bfc52df4cab76cb5fdb9942c685b4c3f8b93c Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 2 Jul 2020 05:01:27 +0000 Subject: [PATCH 5/5] "-Synchronized-Data." --- 2020/3xxx/CVE-2020-3297.json | 4 ++-- 2020/3xxx/CVE-2020-3340.json | 4 ++-- 2020/3xxx/CVE-2020-3391.json | 4 ++-- 2020/3xxx/CVE-2020-3402.json | 4 ++-- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/2020/3xxx/CVE-2020-3297.json b/2020/3xxx/CVE-2020-3297.json index 00593ef19a6..1b5b06f01b2 100644 --- a/2020/3xxx/CVE-2020-3297.json +++ b/2020/3xxx/CVE-2020-3297.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in session management for the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to defeat authentication protections and gain unauthorized access to the management interface. The attacker could obtain the privileges of the highjacked session account, which could include administrator privileges on the device.\r The vulnerability is due to the use of weak entropy generation for session identifier values. An attacker could exploit this vulnerability to determine a current session identifier through brute force and reuse that session identifier to take over an ongoing session. In this way, an attacker could take actions within the management interface with privileges up to the level of the administrative user.\r " + "value": "A vulnerability in session management for the web-based interface of Cisco Small Business Smart and Managed Switches could allow an unauthenticated, remote attacker to defeat authentication protections and gain unauthorized access to the management interface. The attacker could obtain the privileges of the highjacked session account, which could include administrator privileges on the device. The vulnerability is due to the use of weak entropy generation for session identifier values. An attacker could exploit this vulnerability to determine a current session identifier through brute force and reuse that session identifier to take over an ongoing session. In this way, an attacker could take actions within the management interface with privileges up to the level of the administrative user." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3340.json b/2020/3xxx/CVE-2020-3340.json index b11d099a775..cd57b4ea15a 100644 --- a/2020/3xxx/CVE-2020-3340.json +++ b/2020/3xxx/CVE-2020-3340.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface.\r These vulnerabilities are due to insufficient validation of user-supplied input that is processed by the web-based management interface. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. To exploit these vulnerabilities, an attacker would need valid administrative credentials.\r " + "value": "Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative credentials to conduct a cross-site scripting (XSS) attack against a user of the interface. These vulnerabilities are due to insufficient validation of user-supplied input that is processed by the web-based management interface. An attacker could exploit these vulnerabilities by injecting malicious code into specific pages of the interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive, browser-based information. To exploit these vulnerabilities, an attacker would need valid administrative credentials." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3391.json b/2020/3xxx/CVE-2020-3391.json index 4639f08a5b9..24134129059 100644 --- a/2020/3xxx/CVE-2020-3391.json +++ b/2020/3xxx/CVE-2020-3391.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text.\r The vulnerability is due to insecure storage of certain unencrypted credentials on an affected device. An attacker could exploit this vulnerability by viewing the network device configuration and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to use those credentials to discover and manage network devices.\r " + "value": "A vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, remote attacker to view sensitive information in clear text. The vulnerability is due to insecure storage of certain unencrypted credentials on an affected device. An attacker could exploit this vulnerability by viewing the network device configuration and obtaining credentials that they may not normally have access to. A successful exploit could allow the attacker to use those credentials to discover and manage network devices." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3402.json b/2020/3xxx/CVE-2020-3402.json index e08d6440446..c370de24c63 100644 --- a/2020/3xxx/CVE-2020-3402.json +++ b/2020/3xxx/CVE-2020-3402.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": "\r A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device.\r The vulnerability exists because certain RMI listeners are not properly authenticated. An attacker could exploit this vulnerability by sending a crafted request to the affected listener. A successful exploit could allow the attacker to access sensitive information on an affected device.\r " + "value": "A vulnerability in the Java Remote Method Invocation (RMI) interface of Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to access sensitive information on an affected device. The vulnerability exists because certain RMI listeners are not properly authenticated. An attacker could exploit this vulnerability by sending a crafted request to the affected listener. A successful exploit could allow the attacker to access sensitive information on an affected device." } ] }, @@ -84,4 +84,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file