admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-04-06 17:01:24 +00:00
parent 94537b0d14
commit 45a9c9d33c
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
2 changed files with 9 additions and 53 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
2020/5xxx/CVE-2020-5300.json
View File

@ -35,7 +35,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Hydra (an OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17,\nwhen using client authentication method 'private_key_jwt' [1], OpenId specification says the following about assertion `jti`:\n\"A unique identifier for the token, which can be used to prevent reuse of the token.\nThese tokens MUST only be used once, unless conditions for reuse were negotiated between the parties\".\n\nHydra does not check the uniqueness of this `jti` value. \n\nExploiting this vulnerability is somewhat difficult because:\n- TLS protects against MITM which makes it difficult to intercept valid tokens for replay attacks\n- The expiry time of the JWT gives only a short window of opportunity where it could be replayed\n\nThis has been patched in version v1.4.0+oryOS.17"
"value": "In Hydra (an OAuth2 Server and OpenID Certified\u2122 OpenID Connect Provider written in Go), before version 1.4.0+oryOS.17, when using client authentication method 'private_key_jwt' [1], OpenId specification says the following about assertion `jti`: \"A unique identifier for the token, which can be used to prevent reuse of the token. These tokens MUST only be used once, unless conditions for reuse were negotiated between the parties\". Hydra does not check the uniqueness of this `jti` value. Exploiting this vulnerability is somewhat difficult because: - TLS protects against MITM which makes it difficult to intercept valid tokens for replay attacks - The expiry time of the JWT gives only a short window of opportunity where it could be replayed This has been patched in version v1.4.0+oryOS.17"
}
]
},
@ -90,4 +90,4 @@
"advisory": "GHSA-3p3g-vpw6-4w66",
"discovery": "UNKNOWN"
}
}
}

58
2020/9xxx/CVE-2020-9473.json
View File

@ -1,61 +1,17 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-9473",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-9473",
"ASSIGNER": "cve@mitre.org",
"STATE": "REJECT"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The S. Siedle & Soehne SG 150-0 Smart Gateway <= 1.2.3 has a passwordless ftp ssh user. By using an exploit chain, an attacker with access to the network can get root access on the gateway."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://research.hisolutions.com",
"refsource": "MISC",
"name": "https://research.hisolutions.com"
"value": "** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none."
}
]
}