Update TWCERT/CC CVE-2020-3933 CVE-2020-3934 CVE-2020-3935

2025-06-08 14:08:13 +00:00 · 2020-07-27 12:14:29 +08:00 · 2020-07-27 12:14:29 +08:00 · 47a00c0745
commit 47a00c0745
parent 96cc74237a
3 changed files with 30 additions and 39 deletions
--- a/2020/3xxx/CVE-2020-3933.json
+++ b/2020/3xxx/CVE-2020-3933.json
@ -1,11 +1,11 @@
 {
    "CVE_data_meta": {
        "AKA": "TWCERT/CC",
-        "ASSIGNER": "cve@cert.org.tw",
+        "ASSIGNER": "twcert@cert.org.tw",
        "DATE_PUBLIC": "2020-02-11T03:59:00.000Z",
        "ID": "CVE-2020-3933",
        "STATE": "PUBLIC",
-        "TITLE": " Secom Co. Dr.ID - User Account Enumeration"
+        "TITLE": "TAIWAN SECOM CO., LTD. - User Account Enumeration"
    },
    "affects": {
        "vendor": {
@ -39,7 +39,7 @@
                            }
                        ]
                    },
-                    "vendor_name": "Secom Co."
+                    "vendor_name": "TAIWAN SECOM CO., LTD."
                }
            ]
        }
@ -51,7 +51,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system."
+                "value": "TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, allows attackers to enumerate and exam user account in the system."
            }
        ]
    },
@ -89,19 +89,16 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "MISC",
+                "refsource": "CONFIRM",
-                "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910017",
+                "url": "https://www.twcert.org.tw/en/cp-139-3317-d4edc-2.html"
                "name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910017"
            },
            {
-                "refsource": "MISC",
+                "refsource": "CONFIRM",
-                "url": "https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac",
+                "url": "https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac"
                "name": "https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac"
            },
            {
-                "refsource": "MISC",
+                "refsource": "CONFIRM",
-                "url": "https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760b",
+                "url": "https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760b"
                "name": "https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760b"
            }
        ]
    },
--- a/2020/3xxx/CVE-2020-3934.json
+++ b/2020/3xxx/CVE-2020-3934.json
@ -1,11 +1,11 @@
 {
    "CVE_data_meta": {
        "AKA": "TWCERT/CC",
-        "ASSIGNER": "cve@cert.org.tw",
+        "ASSIGNER": "twcert@cert.org.tw",
        "DATE_PUBLIC": "2020-02-11T03:59:00.000Z",
        "ID": "CVE-2020-3934",
        "STATE": "PUBLIC",
-        "TITLE": "Secom Co. Dr.ID - Pre-auth SQL Injection"
+        "TITLE": "TAIWAN SECOM CO., LTD. - Pre-auth SQL Injection"
    },
    "affects": {
        "vendor": {
@ -39,7 +39,7 @@
                            }
                        ]
                    },
-                    "vendor_name": "Secom Co."
+                    "vendor_name": "TAIWAN SECOM CO., LTD."
                }
            ]
        }
@ -51,7 +51,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command."
+                "value": "TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, contains a vulnerability of Pre-auth SQL Injection, allowing attackers to inject a specific SQL command."
            }
        ]
    },
@ -89,19 +89,16 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "MISC",
+                "refsource": "CONFIRM",
-                "url": "https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac",
+                "url": "https://www.twcert.org.tw/en/cp-139-3318-89f76-2.html"
                "name": "https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac"
            },
            {
-                "refsource": "MISC",
+                "refsource": "CONFIRM",
-                "url": "https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760b",
+                "url": "https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac"
                "name": "https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760b"
            },
            {
-                "refsource": "MISC",
+                "refsource": "CONFIRM",
-                "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910016",
+                "url": "https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760b"
                "name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910016"
            }
        ]
    },
--- a/2020/3xxx/CVE-2020-3935.json
+++ b/2020/3xxx/CVE-2020-3935.json
@ -1,11 +1,11 @@
 {
    "CVE_data_meta": {
        "AKA": "TWCERT/CC",
-        "ASSIGNER": "cve@cert.org.tw",
+        "ASSIGNER": "twcert@cert.org.tw",
        "DATE_PUBLIC": "2020-02-11T03:59:00.000Z",
        "ID": "CVE-2020-3935",
        "STATE": "PUBLIC",
-        "TITLE": "Secom Co. Dr.ID \u2013 Sensitivity Information Exposure"
+        "TITLE": "TAIWAN SECOM CO., LTD. – Sensitivity Information Exposure"
    },
    "affects": {
        "vendor": {
@ -39,7 +39,7 @@
                            }
                        ]
                    },
-                    "vendor_name": "Secom Co."
+                    "vendor_name": "TAIWAN SECOM CO., LTD."
                }
            ]
        }
@ -51,7 +51,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "Secom Co. Dr.ID, a Door Access Control and Personnel Attendance Management system, stores users\u2019 information by cleartext in the cookie, which divulges password to attackers."
+                "value": "TAIWAN SECOM CO., LTD., a Door Access Control and Personnel Attendance Management system, stores users’ information by cleartext in the cookie, which divulges password to attackers."
            }
        ]
    },
@ -89,19 +89,16 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "MISC",
+                "refsource": "CONFIRM",
-                "url": "https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac",
+                "url": "https://www.twcert.org.tw/en/cp-139-3319-d7b65-2.html"
                "name": "https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac"
            },
            {
-                "refsource": "MISC",
+                "refsource": "CONFIRM",
-                "url": "https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760b",
+                "url": "https://www.chtsecurity.com/news/1bb85fcd-9048-4587-b4d3-b18335572bac"
                "name": "https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760b"
            },
            {
-                "refsource": "MISC",
+                "refsource": "CONFIRM",
-                "url": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910018",
+                "url": "https://gist.github.com/chtsecurity/4db471b34c3959e5ab9ec31570e4760b"
                "name": "https://tvn.twcert.org.tw/taiwanvn/TVN-201910018"
            }
        ]
    },