From 3a1cba21a18c4f798e93c6a15d319941bc919cf1 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Mon, 17 Aug 2020 16:01:58 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/22xxx/CVE-2020-22720.json | 58 ++++---------------------------- 2020/8xxx/CVE-2020-8208.json | 50 ++++++++++++++++++++++++++-- 2020/8xxx/CVE-2020-8209.json | 50 ++++++++++++++++++++++++++-- 2020/8xxx/CVE-2020-8210.json | 50 ++++++++++++++++++++++++++-- 2020/8xxx/CVE-2020-8211.json | 50 ++++++++++++++++++++++++++-- 2020/8xxx/CVE-2020-8212.json | 50 ++++++++++++++++++++++++++-- 2020/8xxx/CVE-2020-8226.json | 55 +++++++++++++++++++++++++++++-- 2020/8xxx/CVE-2020-8230.json | 55 +++++++++++++++++++++++++++++-- 2020/8xxx/CVE-2020-8232.json | 60 ++++++++++++++++++++++++++++++++-- 2020/8xxx/CVE-2020-8233.json | 60 ++++++++++++++++++++++++++++++++-- 2020/9xxx/CVE-2020-9233.json | 50 ++++++++++++++++++++++++++-- 2020/9xxx/CVE-2020-9237.json | 50 ++++++++++++++++++++++++++-- 2020/9xxx/CVE-2020-9241.json | 50 ++++++++++++++++++++++++++-- 13 files changed, 601 insertions(+), 87 deletions(-) diff --git a/2020/22xxx/CVE-2020-22720.json b/2020/22xxx/CVE-2020-22720.json index 3913b74d28a..36f69e6c438 100644 --- a/2020/22xxx/CVE-2020-22720.json +++ b/2020/22xxx/CVE-2020-22720.json @@ -1,61 +1,17 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2020-22720", - "STATE": "PUBLIC" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "n/a", - "version": { - "version_data": [ - { - "version_value": "n/a" - } - ] - } - } - ] - }, - "vendor_name": "n/a" - } - ] - } - }, - "data_format": "MITRE", "data_type": "CVE", + "data_format": "MITRE", "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-22720", + "ASSIGNER": "cve@mitre.org", + "STATE": "REJECT" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** DISPUTED ** A local privilege escalation vulnerability in SPSSLVpnService.exe in Securepoint GmbH from Lueneburg Securepoint SSL VPN Client 2.0.28 allows a local attacker to gain privileges via a crafted malicious exe and perform unauthorized actions. NOTE: the vendor states that this issue is irrelevant because the attacker would need to have the admin password." - } - ] - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "n/a" - } - ] - } - ] - }, - "references": { - "reference_data": [ - { - "refsource": "MISC", - "name": "https://cliffb00th.wordpress.com/2020/04/03/securepoint-ssl-vpn-client-local-privilege-escalation-vulnerability/", - "url": "https://cliffb00th.wordpress.com/2020/04/03/securepoint-ssl-vpn-client-local-privilege-escalation-vulnerability/" + "value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none." } ] } diff --git a/2020/8xxx/CVE-2020-8208.json b/2020/8xxx/CVE-2020-8208.json index 99d961fcb94..021df793016 100644 --- a/2020/8xxx/CVE-2020-8208.json +++ b/2020/8xxx/CVE-2020-8208.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-8208", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Citrix XenMobile Server", + "version": { + "version_data": [ + { + "version_value": "Citrix XenMobile Server 10.12 RP1, Citrix XenMobile Server 10.11 RP4, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross-site Scripting (XSS) - Reflected (CWE-79)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.citrix.com/article/CTX277457", + "url": "https://support.citrix.com/article/CTX277457" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in Citrix XenMobile Server 10.12 before RP1, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.11 before RP6 and Citrix XenMobile Server before 10.9 RP5 allows Cross-Site Scripting (XSS)." } ] } diff --git a/2020/8xxx/CVE-2020-8209.json b/2020/8xxx/CVE-2020-8209.json index 465985e86eb..b5a4970765a 100644 --- a/2020/8xxx/CVE-2020-8209.json +++ b/2020/8xxx/CVE-2020-8209.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-8209", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Citrix XenMobile Server", + "version": { + "version_data": [ + { + "version_value": "Citrix XenMobile Server 10.12 RP2, Citrix XenMobile Server 10.11 RP4, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Path Traversal (CWE-22)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.citrix.com/article/CTX277457", + "url": "https://support.citrix.com/article/CTX277457" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in Citrix XenMobile Server 10.12 before RP2, Citrix XenMobile Server 10.11 before RP4, Citrix XenMobile Server 10.10 before RP6 and Citrix XenMobile Server before 10.9 RP5 and leads to the ability to read arbitrary files." } ] } diff --git a/2020/8xxx/CVE-2020-8210.json b/2020/8xxx/CVE-2020-8210.json index 25e521b1fb8..be4cd0ce007 100644 --- a/2020/8xxx/CVE-2020-8210.json +++ b/2020/8xxx/CVE-2020-8210.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-8210", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Citrix XenMobile Server", + "version": { + "version_data": [ + { + "version_value": "Citrix XenMobile Server 10.12 RP3, Citrix XenMobile Server 10.11 RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Information Disclosure (CWE-200)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.citrix.com/article/CTX277457", + "url": "https://support.citrix.com/article/CTX277457" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Insufficient protection of secrets in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 discloses credentials of a service account." } ] } diff --git a/2020/8xxx/CVE-2020-8211.json b/2020/8xxx/CVE-2020-8211.json index 763ca649549..03b08f28a56 100644 --- a/2020/8xxx/CVE-2020-8211.json +++ b/2020/8xxx/CVE-2020-8211.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-8211", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Citrix XenMobile Server", + "version": { + "version_data": [ + { + "version_value": "Citrix XenMobile Server 10.12 RP3, Citrix XenMobile Server 10.11 RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Command Injection - Generic (CWE-77)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.citrix.com/article/CTX277457", + "url": "https://support.citrix.com/article/CTX277457" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper input validation in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 allows SQL Injection." } ] } diff --git a/2020/8xxx/CVE-2020-8212.json b/2020/8xxx/CVE-2020-8212.json index 162e543d475..0993b08eb3d 100644 --- a/2020/8xxx/CVE-2020-8212.json +++ b/2020/8xxx/CVE-2020-8212.json @@ -4,14 +4,58 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-8212", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "Citrix XenMobile Server", + "version": { + "version_data": [ + { + "version_value": "Citrix XenMobile Server 10.12 RP3, Citrix XenMobile Server 10.11 RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Exposed Dangerous Method or Function (CWE-749)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://support.citrix.com/article/CTX277457", + "url": "https://support.citrix.com/article/CTX277457" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Improper access control in Citrix XenMobile Server 10.12 before RP3, Citrix XenMobile Server 10.11 before RP6, Citrix XenMobile Server 10.10 RP6 and Citrix XenMobile Server before 10.9 RP5 allows access to privileged functionality." } ] } diff --git a/2020/8xxx/CVE-2020-8226.json b/2020/8xxx/CVE-2020-8226.json index 49bc4b05b24..bec56a9152d 100644 --- a/2020/8xxx/CVE-2020-8226.json +++ b/2020/8xxx/CVE-2020-8226.json @@ -4,14 +4,63 @@ "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-8226", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "support@hackerone.com", + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "https://github.com/phpbb/phpbb", + "version": { + "version_data": [ + { + "version_value": "3.2.10 and 3.3.1" + } + ] + } + } + ] + } + } + ] + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Externally Controlled Reference to a Resource in Another Sphere (CWE-610)" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.phpbb.com/community/viewtopic.php?f=14&t=2562631", + "url": "https://www.phpbb.com/community/viewtopic.php?f=14&t=2562631" + }, + { + "refsource": "MISC", + "name": "https://www.phpbb.com/community/viewtopic.php?f=14&t=2562636", + "url": "https://www.phpbb.com/community/viewtopic.php?f=14&t=2562636" + } + ] }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability exists in phpBB