From 3ff48d368186a283cec3fb5052705655250d56f4 Mon Sep 17 00:00:00 2001 From: Scott Moore - IBM Date: Thu, 14 May 2020 11:47:13 -0400 Subject: [PATCH] IBM20200514-114713 Added CVE-2020-4299, CVE-2020-4285, CVE-2020-4468, CVE-2020-4262, CVE-2020-4266, CVE-2020-4263, CVE-2020-4287, CVE-2020-4257, CVE-2020-4264, CVE-2020-4467, CVE-2020-4261, CVE-2020-4422, CVE-2020-4288, CVE-2020-4258, CVE-2020-4259, CVE-2020-4265, CVE-2020-4365, CVE-2020-4343 --- 2020/4xxx/CVE-2020-4257.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4258.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4259.json | 105 ++++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4261.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4262.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4263.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4264.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4265.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4266.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4285.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4287.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4288.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4299.json | 105 ++++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4343.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4365.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4422.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4467.json | 102 +++++++++++++++++++++++++++++----- 2020/4xxx/CVE-2020-4468.json | 102 +++++++++++++++++++++++++++++----- 18 files changed, 1572 insertions(+), 270 deletions(-) diff --git a/2020/4xxx/CVE-2020-4257.json b/2020/4xxx/CVE-2020-4257.json index 9e0c98768a9..8b911f1f196 100644 --- a/2020/4xxx/CVE-2020-4257.json +++ b/2020/4xxx/CVE-2020-4257.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4257", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "references" : { + "reference_data" : [ + { + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)", + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6209081", + "url" : "https://www.ibm.com/support/pages/node/6209081" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175635", + "name" : "ibm-i2-cve20204257-bo (175635)", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + }, + "data_format" : "MITRE", + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4257", + "DATE_PUBLIC" : "2020-05-13T00:00:00" + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175635." + } + ] + }, + "data_version" : "4.0", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "i2 Analysts Notebook", + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "data_type" : "CVE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Privileges", + "lang" : "eng" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "SCORE" : "7.800", + "AV" : "L", + "UI" : "R", + "S" : "U", + "C" : "H", + "PR" : "N", + "A" : "H", + "AC" : "L", + "I" : "H" + }, + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + } + } + } +} diff --git a/2020/4xxx/CVE-2020-4258.json b/2020/4xxx/CVE-2020-4258.json index 52be9910084..e341620d122 100644 --- a/2020/4xxx/CVE-2020-4258.json +++ b/2020/4xxx/CVE-2020-4258.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4258", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "impact" : { + "cvssv3" : { + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + }, + "BM" : { + "I" : "H", + "AC" : "L", + "C" : "H", + "PR" : "N", + "A" : "H", + "SCORE" : "7.800", + "AV" : "L", + "UI" : "R", + "S" : "U" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Privileges", + "lang" : "eng" + } + ] + } + ] + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175637.", + "lang" : "eng" + } + ] + }, + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4258", + "DATE_PUBLIC" : "2020-05-13T00:00:00" + }, + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)", + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6209081", + "url" : "https://www.ibm.com/support/pages/node/6209081" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175637", + "name" : "ibm-i2-cve20204258-bo (175637)" + } + ] + } +} diff --git a/2020/4xxx/CVE-2020-4259.json b/2020/4xxx/CVE-2020-4259.json index eb2f85fab4d..bdafa8ff990 100644 --- a/2020/4xxx/CVE-2020-4259.json +++ b/2020/4xxx/CVE-2020-4259.json @@ -1,18 +1,93 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4259", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6208038 (Sterling File Gateway)", + "url" : "https://www.ibm.com/support/pages/node/6208038", + "name" : "https://www.ibm.com/support/pages/node/6208038" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175638", + "name" : "ibm-sterling-cve20204259-sec-bypass (175638)", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report" + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Bypass Security" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "SCORE" : "6.500", + "AV" : "N", + "UI" : "N", + "S" : "U", + "C" : "N", + "PR" : "L", + "A" : "N", + "AC" : "L", + "I" : "H" + }, + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + } + } + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "2.2.0.0" + }, + { + "version_value" : "6.0.3.1" + } + ] + }, + "product_name" : "Sterling File Gateway" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM Sterling File Gateway 2.2.0.0 through 6.0.3.1 could allow an authenticated user could manipulate cookie information and remove or add modules from the cookie to access functionality not authorized to. IBM X-Force ID: 175638.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2020-4259", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2020-05-13T00:00:00" + } +} diff --git a/2020/4xxx/CVE-2020-4261.json b/2020/4xxx/CVE-2020-4261.json index adbae7a6449..2cd5cede534 100644 --- a/2020/4xxx/CVE-2020-4261.json +++ b/2020/4xxx/CVE-2020-4261.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4261", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "name" : "https://www.ibm.com/support/pages/node/6209081", + "url" : "https://www.ibm.com/support/pages/node/6209081", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)" + }, + { + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "name" : "ibm-i2-cve20204261-bo (175644)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175644" + } + ] + }, + "data_type" : "CVE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Privileges" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "I" : "H", + "AC" : "L", + "PR" : "N", + "C" : "H", + "A" : "H", + "SCORE" : "7.800", + "AV" : "L", + "UI" : "R", + "S" : "U" + }, + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + } + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175644.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2020-4261", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "DATE_PUBLIC" : "2020-05-13T00:00:00" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + } +} diff --git a/2020/4xxx/CVE-2020-4262.json b/2020/4xxx/CVE-2020-4262.json index d90afe2c107..f1734749edd 100644 --- a/2020/4xxx/CVE-2020-4262.json +++ b/2020/4xxx/CVE-2020-4262.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4262", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_type" : "CVE", + "impact" : { + "cvssv3" : { + "BM" : { + "C" : "H", + "PR" : "N", + "A" : "H", + "AV" : "L", + "SCORE" : "7.800", + "S" : "U", + "UI" : "R", + "I" : "H", + "AC" : "L" + }, + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Privileges" + } + ] + } + ] + }, + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175645." + } + ] + }, + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4262", + "DATE_PUBLIC" : "2020-05-13T00:00:00" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6209081", + "name" : "https://www.ibm.com/support/pages/node/6209081", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)", + "refsource" : "CONFIRM" + }, + { + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175645", + "name" : "ibm-i2-cve20204262-bo (175645)" + } + ] + } +} diff --git a/2020/4xxx/CVE-2020-4263.json b/2020/4xxx/CVE-2020-4263.json index 3c228c26ade..e12047fae3d 100644 --- a/2020/4xxx/CVE-2020-4263.json +++ b/2020/4xxx/CVE-2020-4263.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4263", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Privileges", + "lang" : "eng" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "AC" : "L", + "I" : "H", + "AV" : "L", + "SCORE" : "7.800", + "S" : "U", + "UI" : "R", + "C" : "H", + "PR" : "N", + "A" : "H" + }, + "TM" : { + "E" : "U", + "RC" : "C", + "RL" : "O" + } + } + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-05-13T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4263" + }, + "description" : { + "description_data" : [ + { + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175646.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)", + "url" : "https://www.ibm.com/support/pages/node/6209081", + "name" : "https://www.ibm.com/support/pages/node/6209081" + }, + { + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "name" : "ibm-i2-cve20204263-bo (175646)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175646" + } + ] + } +} diff --git a/2020/4xxx/CVE-2020-4264.json b/2020/4xxx/CVE-2020-4264.json index eebd7b40a49..0f79fd11ad5 100644 --- a/2020/4xxx/CVE-2020-4264.json +++ b/2020/4xxx/CVE-2020-4264.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4264", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Privileges", + "lang" : "eng" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + }, + "BM" : { + "AC" : "L", + "I" : "H", + "S" : "U", + "UI" : "R", + "AV" : "L", + "SCORE" : "7.800", + "A" : "H", + "PR" : "N", + "C" : "H" + } + } + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-05-13T00:00:00", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "ID" : "CVE-2020-4264" + }, + "description" : { + "description_data" : [ + { + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175647.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "name" : "https://www.ibm.com/support/pages/node/6209081", + "url" : "https://www.ibm.com/support/pages/node/6209081", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)", + "refsource" : "CONFIRM" + }, + { + "name" : "ibm-i2-cve20204264-bo (175647)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175647", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + } +} diff --git a/2020/4xxx/CVE-2020-4265.json b/2020/4xxx/CVE-2020-4265.json index c7693c43db5..ce71fe6c68e 100644 --- a/2020/4xxx/CVE-2020-4265.json +++ b/2020/4xxx/CVE-2020-4265.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4265", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "name" : "https://www.ibm.com/support/pages/node/6209081", + "url" : "https://www.ibm.com/support/pages/node/6209081", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175648", + "name" : "ibm-i2-cve20204265-bo (175648)", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "I" : "H", + "AC" : "L", + "PR" : "N", + "C" : "H", + "A" : "H", + "AV" : "L", + "SCORE" : "7.800", + "S" : "U", + "UI" : "R" + }, + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Privileges" + } + ] + } + ] + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "description" : { + "description_data" : [ + { + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175648.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "CVE_data_meta" : { + "ID" : "CVE-2020-4265", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "DATE_PUBLIC" : "2020-05-13T00:00:00" + } +} diff --git a/2020/4xxx/CVE-2020-4266.json b/2020/4xxx/CVE-2020-4266.json index 569666b8f7c..ca9ebe2228b 100644 --- a/2020/4xxx/CVE-2020-4266.json +++ b/2020/4xxx/CVE-2020-4266.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4266", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_type" : "CVE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Privileges" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "I" : "H", + "AC" : "L", + "A" : "H", + "C" : "H", + "PR" : "N", + "UI" : "R", + "S" : "U", + "SCORE" : "7.800", + "AV" : "L" + }, + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + } + } + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-05-13T00:00:00", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "ID" : "CVE-2020-4266" + }, + "description" : { + "description_data" : [ + { + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a local attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially-crafted file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 175649.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)", + "refsource" : "CONFIRM", + "url" : "https://www.ibm.com/support/pages/node/6209081", + "name" : "https://www.ibm.com/support/pages/node/6209081" + }, + { + "name" : "ibm-i2-cve20204266-bo (175649)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/175649", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report" + } + ] + } +} diff --git a/2020/4xxx/CVE-2020-4285.json b/2020/4xxx/CVE-2020-4285.json index d6fb6532557..ec3885cf226 100644 --- a/2020/4xxx/CVE-2020-4285.json +++ b/2020/4xxx/CVE-2020-4285.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4285", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176266" + } + ] + }, + "data_version" : "4.0", + "CVE_data_meta" : { + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4285", + "DATE_PUBLIC" : "2020-05-13T00:00:00" + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + }, + "BM" : { + "I" : "H", + "AC" : "L", + "A" : "H", + "PR" : "N", + "C" : "H", + "S" : "U", + "UI" : "R", + "AV" : "L", + "SCORE" : "7.800" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Access" + } + ] + } + ] + }, + "data_type" : "CVE", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6209081", + "name" : "https://www.ibm.com/support/pages/node/6209081", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/176266", + "name" : "ibm-i2-cve20204285-code-exec (176266)", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report" + } + ] + }, + "data_format" : "MITRE" +} diff --git a/2020/4xxx/CVE-2020-4287.json b/2020/4xxx/CVE-2020-4287.json index 7aba3cfda68..8e3ec05aad2 100644 --- a/2020/4xxx/CVE-2020-4287.json +++ b/2020/4xxx/CVE-2020-4287.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4287", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Access", + "lang" : "eng" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + }, + "BM" : { + "I" : "H", + "AC" : "L", + "A" : "H", + "PR" : "N", + "C" : "H", + "UI" : "R", + "S" : "U", + "SCORE" : "7.800", + "AV" : "L" + } + } + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "i2 Analysts Notebook", + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176269." + } + ] + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-05-13T00:00:00", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "ID" : "CVE-2020-4287" + }, + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6209081", + "name" : "https://www.ibm.com/support/pages/node/6209081", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)" + }, + { + "name" : "ibm-i2-cve20204287-code-exec (176269)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/176269", + "title" : "X-Force Vulnerability Report", + "refsource" : "XF" + } + ] + } +} diff --git a/2020/4xxx/CVE-2020-4288.json b/2020/4xxx/CVE-2020-4288.json index c8247ac8175..6d7d90778a9 100644 --- a/2020/4xxx/CVE-2020-4288.json +++ b/2020/4xxx/CVE-2020-4288.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4288", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)", + "url" : "https://www.ibm.com/support/pages/node/6209081", + "name" : "https://www.ibm.com/support/pages/node/6209081" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "name" : "ibm-i2-cve20204288-code-exec (176270)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/176270" + } + ] + }, + "data_type" : "CVE", + "impact" : { + "cvssv3" : { + "TM" : { + "E" : "U", + "RC" : "C", + "RL" : "O" + }, + "BM" : { + "UI" : "R", + "S" : "U", + "SCORE" : "7.800", + "AV" : "L", + "A" : "H", + "PR" : "N", + "C" : "H", + "AC" : "L", + "I" : "H" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Access", + "lang" : "eng" + } + ] + } + ] + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-05-13T00:00:00", + "ID" : "CVE-2020-4288", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption error. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 176270." + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + } +} diff --git a/2020/4xxx/CVE-2020-4299.json b/2020/4xxx/CVE-2020-4299.json index c657f417380..ccdcd14b9d9 100644 --- a/2020/4xxx/CVE-2020-4299.json +++ b/2020/4xxx/CVE-2020-4299.json @@ -1,18 +1,93 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4299", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6208041 (Sterling B2B Integrator)", + "url" : "https://www.ibm.com/support/pages/node/6208041", + "name" : "https://www.ibm.com/support/pages/node/6208041" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/176606", + "name" : "ibm-sterling-cve20204299-info-disc (176606)" + } + ] + }, + "data_type" : "CVE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Obtain Information" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "S" : "U", + "UI" : "N", + "AV" : "N", + "SCORE" : "4.300", + "A" : "N", + "PR" : "L", + "C" : "L", + "AC" : "L", + "I" : "N" + }, + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + } + } + }, + "CVE_data_meta" : { + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "ID" : "CVE-2020-4299", + "DATE_PUBLIC" : "2020-05-13T00:00:00" + }, + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "value" : "IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 6.0.3.1 could expose sensitive information to a user through a specially crafted HTTP request. IBM X-Force ID: 176606.", + "lang" : "eng" + } + ] + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "5.2.0.0" + }, + { + "version_value" : "6.0.3.1" + } + ] + }, + "product_name" : "Sterling B2B Integrator" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + } +} diff --git a/2020/4xxx/CVE-2020-4343.json b/2020/4xxx/CVE-2020-4343.json index bcafb3343c0..4fb0181588f 100644 --- a/2020/4xxx/CVE-2020-4343.json +++ b/2020/4xxx/CVE-2020-4343.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4343", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)", + "refsource" : "CONFIRM", + "name" : "https://www.ibm.com/support/pages/node/6209081", + "url" : "https://www.ibm.com/support/pages/node/6209081" + }, + { + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "name" : "ibm-i2-cve20204343-code-exec (178244)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/178244" + } + ] + }, + "impact" : { + "cvssv3" : { + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + }, + "BM" : { + "C" : "H", + "PR" : "N", + "A" : "H", + "AV" : "L", + "SCORE" : "7.800", + "S" : "U", + "UI" : "R", + "I" : "H", + "AC" : "L" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Access" + } + ] + } + ] + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-05-13T00:00:00", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com", + "ID" : "CVE-2020-4343" + }, + "description" : { + "description_data" : [ + { + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 178244.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0" +} diff --git a/2020/4xxx/CVE-2020-4365.json b/2020/4xxx/CVE-2020-4365.json index 69e1c7b113e..25d7e5dd2c0 100644 --- a/2020/4xxx/CVE-2020-4365.json +++ b/2020/4xxx/CVE-2020-4365.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4365", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "references" : { + "reference_data" : [ + { + "name" : "https://www.ibm.com/support/pages/node/6209099", + "url" : "https://www.ibm.com/support/pages/node/6209099", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209099 (WebSphere Application Server)" + }, + { + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/178964", + "name" : "ibm-websphere-cve20204365-ssrf (178964)" + } + ] + }, + "data_format" : "MITRE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "product_name" : "WebSphere Application Server", + "version" : { + "version_data" : [ + { + "version_value" : "8.5" + } + ] + } + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + }, + "CVE_data_meta" : { + "ID" : "CVE-2020-4365", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "DATE_PUBLIC" : "2020-05-13T00:00:00" + }, + "description" : { + "description_data" : [ + { + "value" : "IBM WebSphere Application Server 8.5 is vulnerable to server-side request forgery. By sending a specially crafted request, a remote authenticated attacker could exploit this vulnerability to obtain sensitive data. IBM X-Force ID: 178964.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "impact" : { + "cvssv3" : { + "BM" : { + "UI" : "N", + "S" : "U", + "SCORE" : "5.300", + "AV" : "N", + "A" : "N", + "PR" : "N", + "C" : "L", + "AC" : "L", + "I" : "N" + }, + "TM" : { + "RC" : "C", + "RL" : "O", + "E" : "U" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Access", + "lang" : "eng" + } + ] + } + ] + }, + "data_type" : "CVE" +} diff --git a/2020/4xxx/CVE-2020-4422.json b/2020/4xxx/CVE-2020-4422.json index d25e2f546dd..2eb97b5869b 100644 --- a/2020/4xxx/CVE-2020-4422.json +++ b/2020/4xxx/CVE-2020-4422.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4422", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)", + "name" : "https://www.ibm.com/support/pages/node/6209081", + "url" : "https://www.ibm.com/support/pages/node/6209081" + }, + { + "title" : "X-Force Vulnerability Report", + "refsource" : "XF", + "name" : "ibm-i2-cve20204422-code-exec (180167)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/180167" + } + ] + }, + "data_type" : "CVE", + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "Gain Privileges" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "I" : "H", + "AC" : "L", + "A" : "H", + "C" : "H", + "PR" : "N", + "UI" : "R", + "S" : "U", + "SCORE" : "7.800", + "AV" : "L" + }, + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + } + } + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-05-13T00:00:00", + "ID" : "CVE-2020-4422", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "description" : { + "description_data" : [ + { + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by a memory corruption. By persuading a victim to open a specially crafted file, a remote attacker could exploit this vulnerability to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 180167.", + "lang" : "eng" + } + ] + }, + "data_version" : "4.0", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + }, + "vendor_name" : "IBM" } - ] - } -} \ No newline at end of file + ] + } + } +} diff --git a/2020/4xxx/CVE-2020-4467.json b/2020/4xxx/CVE-2020-4467.json index 7e3ba5743c0..ad4b0a9e564 100644 --- a/2020/4xxx/CVE-2020-4467.json +++ b/2020/4xxx/CVE-2020-4467.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4467", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Access", + "lang" : "eng" + } + ] + } + ] + }, + "impact" : { + "cvssv3" : { + "BM" : { + "SCORE" : "7.800", + "AV" : "L", + "UI" : "R", + "S" : "U", + "PR" : "N", + "C" : "H", + "A" : "H", + "AC" : "L", + "I" : "H" + }, + "TM" : { + "E" : "U", + "RL" : "O", + "RC" : "C" + } + } + }, + "data_type" : "CVE", + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "product_name" : "i2 Analysts Notebook", + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + } + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181721." + } + ] + }, + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-05-13T00:00:00", + "ID" : "CVE-2020-4467", + "STATE" : "PUBLIC", + "ASSIGNER" : "psirt@us.ibm.com" + }, + "data_format" : "MITRE", + "references" : { + "reference_data" : [ + { + "url" : "https://www.ibm.com/support/pages/node/6209081", + "name" : "https://www.ibm.com/support/pages/node/6209081", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)" + }, + { + "refsource" : "XF", + "title" : "X-Force Vulnerability Report", + "name" : "ibm-i2-cve20204467-code-exec (181721)", + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181721" + } + ] + } +} diff --git a/2020/4xxx/CVE-2020-4468.json b/2020/4xxx/CVE-2020-4468.json index d592f33df3c..4f815eefe5f 100644 --- a/2020/4xxx/CVE-2020-4468.json +++ b/2020/4xxx/CVE-2020-4468.json @@ -1,18 +1,90 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", - "CVE_data_meta": { - "ID": "CVE-2020-4468", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" - }, - "description": { - "description_data": [ + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "IBM i2 Intelligent Analyis Platform 9.2.1 could allow a remote attacker to execute arbitrary code on the system, caused by memory corruption. By persuading a victim to open a specially-crafted document, a remote attacker could exploit this vulnerability to execute arbitrary code on the system with the privileges of the victim or cause the application to crash. IBM X-Force ID: 181723." + } + ] + }, + "data_version" : "4.0", + "CVE_data_meta" : { + "DATE_PUBLIC" : "2020-05-13T00:00:00", + "ASSIGNER" : "psirt@us.ibm.com", + "STATE" : "PUBLIC", + "ID" : "CVE-2020-4468" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ { - "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "vendor_name" : "IBM", + "product" : { + "product_data" : [ + { + "version" : { + "version_data" : [ + { + "version_value" : "9.2.1" + } + ] + }, + "product_name" : "i2 Analysts Notebook" + } + ] + } } - ] - } -} \ No newline at end of file + ] + } + }, + "data_type" : "CVE", + "impact" : { + "cvssv3" : { + "TM" : { + "RL" : "O", + "RC" : "C", + "E" : "U" + }, + "BM" : { + "I" : "H", + "AC" : "L", + "A" : "H", + "C" : "H", + "PR" : "N", + "UI" : "R", + "S" : "U", + "SCORE" : "7.800", + "AV" : "L" + } + } + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "value" : "Gain Access", + "lang" : "eng" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://www.ibm.com/support/pages/node/6209081", + "url" : "https://www.ibm.com/support/pages/node/6209081", + "refsource" : "CONFIRM", + "title" : "IBM Security Bulletin 6209081 (i2 Analysts Notebook)" + }, + { + "url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/181723", + "name" : "ibm-i2-cve20204468-code-exec (181723)", + "refsource" : "XF", + "title" : "X-Force Vulnerability Report" + } + ] + }, + "data_format" : "MITRE" +}