From 49460145a7e6488d1ff6e2132135f593d0eb2535 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 3 Jun 2020 20:01:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/3xxx/CVE-2020-3335.json | 4 ++-- 2020/3xxx/CVE-2020-3339.json | 4 ++-- 2020/3xxx/CVE-2020-3353.json | 4 ++-- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/2020/3xxx/CVE-2020-3335.json b/2020/3xxx/CVE-2020-3335.json index 18911cf3c7a..c82c05fc066 100644 --- a/2020/3xxx/CVE-2020-3335.json +++ b/2020/3xxx/CVE-2020-3335.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization limitations. An attacker could exploit this vulnerability by logging in to an affected device locally with valid credentials. A successful exploit could allow the attacker to read the sensitive information of other users on the affected device. " + "value": "A vulnerability in the key store of Cisco Application Services Engine Software could allow an authenticated, local attacker to read sensitive information of other users on an affected device. The vulnerability is due to insufficient authorization limitations. An attacker could exploit this vulnerability by logging in to an affected device locally with valid credentials. A successful exploit could allow the attacker to read the sensitive information of other users on the affected device." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3339.json b/2020/3xxx/CVE-2020-3339.json index 62921c22546..e4a73af5958 100644 --- a/2020/3xxx/CVE-2020-3339.json +++ b/2020/3xxx/CVE-2020-3339.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain and modify sensitive information that is stored in the underlying database. " + "value": "A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct SQL injection attacks on an affected system. The vulnerability is due to improper validation of user-submitted parameters. An attacker could exploit this vulnerability by authenticating to the application and sending malicious requests to an affected system. A successful exploit could allow the attacker to obtain and modify sensitive information that is stored in the underlying database." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file diff --git a/2020/3xxx/CVE-2020-3353.json b/2020/3xxx/CVE-2020-3353.json index 617618e943d..6864a7d9eb7 100644 --- a/2020/3xxx/CVE-2020-3353.json +++ b/2020/3xxx/CVE-2020-3353.json @@ -36,7 +36,7 @@ "description_data": [ { "lang": "eng", - "value": " A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a race condition that may occur when syslog messages are processed. An attacker could exploit this vulnerability by sending a high rate of syslog messages to an affected device. A successful exploit could allow the attacker to cause the Application Server process to crash, resulting in a DoS condition. " + "value": "A vulnerability in the syslog processing engine of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to a race condition that may occur when syslog messages are processed. An attacker could exploit this vulnerability by sending a high rate of syslog messages to an affected device. A successful exploit could allow the attacker to cause the Application Server process to crash, resulting in a DoS condition." } ] }, @@ -83,4 +83,4 @@ ], "discovery": "INTERNAL" } -} +} \ No newline at end of file