admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

Publish CVE-2019-11286, CVE-2020-5396, CVE-2020-5413, and CVE-2020-5414.

Browse Source
This commit is contained in:
Justin Sampson 2020-07-31 12:30:54 -07:00
parent 263b873685
commit 360d99c495
4 changed files with 385 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

115
2019/11xxx/CVE-2019-11286.json
View File

@ -3,16 +3,125 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2020-07-30T23:27:23.000Z",
"ID": "CVE-2019-11286",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "JMX Credential Deserialization in GemFire"
},
"source": {
"discovery": "UNKNOWN"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware GemFire",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.7",
"version_value": "9.7.5"
},
{
"version_affected": "<",
"version_name": "9.8",
"version_value": "9.8.5"
},
{
"version_affected": "<",
"version_name": "9.9",
"version_value": "9.9.1"
},
{
"version_affected": "<",
"version_name": "9.10",
"version_value": "9.10.0"
}
]
}
},
{
"product_name": "VMware Tanzu GemFire for VMs",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.9",
"version_value": "1.9.2"
},
{
"version_affected": "<",
"version_name": "1.10",
"version_value": "1.10.1"
},
{
"version_affected": "<",
"version_name": "1.8",
"version_value": "1.8.2"
},
{
"version_affected": "<",
"version_name": "1.11",
"version_value": "1.11.0"
}
]
}
}
]
},
"vendor_name": "VMware Tanzu"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware GemFire versions prior to 9.10.0, 9.9.1, 9.8.5, and 9.7.5, and VMware Tanzu GemFire for VMs versions prior to 1.11.0, 1.10.1, 1.9.2, and 1.8.2, contain a JMX service available to the network which does not properly restrict input. A remote authenticated malicious user may request against the service with a crafted set of credentials leading to remote code execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502: Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://tanzu.vmware.com/security/cve-2019-11286",
"name": "https://tanzu.vmware.com/security/cve-2019-11286"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:H",
"version": "3.0"
}
}
}

92
2020/5xxx/CVE-2020-5396.json
View File

@ -3,16 +3,100 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2020-07-30T23:27:40.000Z",
"ID": "CVE-2020-5396",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "JMX Insecure Default Configuration in GemFire"
},
"source": {
"discovery": "UNKNOWN"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "VMware Tanzu GemFire for VMs",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.10",
"version_value": "1.10.2"
},
{
"version_affected": "<",
"version_name": "1.11",
"version_value": "1.11.1"
}
]
}
},
{
"product_name": "VMware GemFire",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "9.7",
"version_value": "9.7.6"
},
{
"version_affected": "<",
"version_name": "9.8",
"version_value": "9.8.7"
},
{
"version_affected": "<",
"version_name": "9.9",
"version_value": "9.9.2"
},
{
"version_affected": "<",
"version_name": "9.10",
"version_value": "9.10.0"
}
]
}
}
]
},
"vendor_name": "VMware Tanzu"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and VMware Tanzu GemFire for VMs versions prior to 1.11.1 and 1.10.2, when deployed without a SecurityManager, contain a JMX service available which contains an insecure default configuration. This allows a malicious user to create an MLet mbean leading to remote code execution."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-284: Improper Access Control - Generic"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://tanzu.vmware.com/security/cve-2020-5396",
"name": "https://tanzu.vmware.com/security/cve-2020-5396"
}
]
},
"impact": null
}

75
2020/5xxx/CVE-2020-5413.json
View File

@ -3,16 +3,83 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2020-07-23T00:00:00.000Z",
"ID": "CVE-2020-5413",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "Kryo Configuration Allows Code Execution with Unknown \"Serialization Gadgets\""
},
"source": {
"discovery": "UNKNOWN"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Spring Integration",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "4.3",
"version_value": "v4.3.23.RELEASE"
},
{
"version_affected": "<",
"version_name": "5.1",
"version_value": "v5.1.12.RELEASE"
},
{
"version_affected": "<",
"version_name": "5.2",
"version_value": "v5.2.8.RELEASE"
},
{
"version_affected": "<",
"version_name": "5.3",
"version_value": "v5.3.2.RELEASE"
}
]
}
}
]
},
"vendor_name": "Spring by VMware"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Spring Integration framework provides Kryo Codec implementations as an alternative for Java (de)serialization. When Kryo is configured with default options, all unregistered classes are resolved on demand. This leads to the \"deserialization gadgets\" exploit when provided data contains malicious code for execution during deserialization. In order to protect against this type of attack, Kryo can be configured to require a set of trusted classes for (de)serialization. Spring Integration should be proactive against blocking unknown \"deserialization gadgets\" when configuring Kryo in code."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-502: Deserialization of Untrusted Data"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://tanzu.vmware.com/security/cve-2020-5413",
"name": "https://tanzu.vmware.com/security/cve-2020-5413"
}
]
},
"impact": null
}

117
2020/5xxx/CVE-2020-5414.json
View File

@ -3,16 +3,127 @@
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "security@pivotal.io",
"DATE_PUBLIC": "2020-07-30T23:34:26.000Z",
"ID": "CVE-2020-5414",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"STATE": "PUBLIC",
"TITLE": "App Autoscaler logs credentials"
},
"source": {
"discovery": "UNKNOWN"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "PCF Autoscaling",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "All",
"version_value": "v232"
}
]
}
},
{
"product_name": "Operations Manager",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.7",
"version_value": "2.7.15"
},
{
"version_affected": "<",
"version_name": "2.8",
"version_value": "2.8.6"
},
{
"version_affected": "<",
"version_name": "2.9",
"version_value": "2.9.1"
}
]
}
},
{
"product_name": "VMware Tanzu Application Service for VMs",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.9.x",
"version_value": "2.9.7"
},
{
"version_affected": "<",
"version_name": "2.7.x",
"version_value": "2.7.19"
},
{
"version_affected": "<",
"version_name": "2.8.x",
"version_value": "2.8.13"
}
]
}
}
]
},
"vendor_name": "VMware Tanzu"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "VMware Tanzu Application Service for VMs (2.7.x versions prior to 2.7.19, 2.8.x versions prior to 2.8.13, and 2.9.x versions prior to 2.9.7) contains an App Autoscaler that logs the UAA admin password. This credential is redacted on VMware Tanzu Operations Manager; however, the unredacted logs are available to authenticated users of the BOSH Director. This credential would grant administrative privileges to a malicious user.\nThe same versions of App Autoscaler also log the App Autoscaler Broker password. Prior to newer versions of Operations Manager, this credential was not redacted from logs. This credential allows a malicious user to create, delete, and modify App Autoscaler services instances. Operations Manager started redacting this credential from logs as of its versions 2.7.15, 2.8.6, and 2.9.1.\nNote that these logs are typically only visible to foundation administrators and operators."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://tanzu.vmware.com/security/cve-2020-5414",
"name": "https://tanzu.vmware.com/security/cve-2020-5414"
}
]
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:L/I:L/A:H",
"version": "3.0"
}
}
}