admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-08-27 13:01:35 +00:00
parent 3cbc949fbb
commit 4949424407
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
10 changed files with 760 additions and 706 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
2020/23xxx/CVE-2020-23980.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-23980",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-23980",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "DesignMasterEvents Conference management 1.0.0 allows SQL Injection via the username field on the administrator login page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://packetstormsecurity.com/files/156959/DesignMasterEvents-CMS-1.0-SQL-Injection-Cross-Site-Scripting.html",
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/156959/DesignMasterEvents-CMS-1.0-SQL-Injection-Cross-Site-Scripting.html"
},
{
"url": "https://cxsecurity.com/issue/WLB-2020030177",
"refsource": "MISC",
"name": "https://cxsecurity.com/issue/WLB-2020030177"
}
]
}

5
2020/24xxx/CVE-2020-24032.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://pastebin.com/dHhawgx8",
"url": "https://pastebin.com/dHhawgx8"
},
{
"refsource": "MISC",
"name": "https://pastebin.com/G8981Fj8",
"url": "https://pastebin.com/G8981Fj8"
}
]
}

176
2020/4xxx/CVE-2020-4166.json
View File

@ -1,90 +1,90 @@
{
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-08-26T00:00:00",
"ID" : "CVE-2020-4166",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_type" : "CVE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.0.1"
}
]
},
"product_name" : "Security Guardium Insights"
}
]
}
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 174402.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RL" : "O",
"RC" : "C",
"E" : "U"
},
"BM" : {
"AV" : "N",
"PR" : "N",
"UI" : "N",
"AC" : "L",
"S" : "U",
"I" : "N",
"A" : "N",
"C" : "L",
"SCORE" : "5.300"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
"CVE_data_meta": {
"DATE_PUBLIC": "2020-08-26T00:00:00",
"ID": "CVE-2020-4166",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"data_type": "CVE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.0.1"
}
]
},
"product_name": "Security Guardium Insights"
}
]
}
}
]
}
]
},
"references" : {
"reference_data" : [
{
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"url" : "https://www.ibm.com/support/pages/node/6323297",
"name" : "https://www.ibm.com/support/pages/node/6323297"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174402",
"name" : "ibm-guardium-cve20204166-info-disc (174402)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
}
}
}
},
"description": {
"description_data": [
{
"value": "IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 174402.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RL": "O",
"RC": "C",
"E": "U"
},
"BM": {
"AV": "N",
"PR": "N",
"UI": "N",
"AC": "L",
"S": "U",
"I": "N",
"A": "N",
"C": "L",
"SCORE": "5.300"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"url": "https://www.ibm.com/support/pages/node/6323297",
"name": "https://www.ibm.com/support/pages/node/6323297"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174402",
"name": "ibm-guardium-cve20204166-info-disc (174402)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
}
}

172
2020/4xxx/CVE-2020-4167.json
View File

@ -1,90 +1,90 @@
{
"data_type" : "CVE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-08-26T00:00:00",
"ID" : "CVE-2020-4167"
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Guardium Insights 2.0.1 could allow an attacker to obtain sensitive information or perform unauthorized actions due to improper authenciation mechanisms. IBM X-Force ID: 174403.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
"data_type": "CVE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-08-26T00:00:00",
"ID": "CVE-2020-4167"
},
"description": {
"description_data": [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.0.1"
}
]
},
"product_name" : "Security Guardium Insights"
}
]
},
"vendor_name" : "IBM"
"value": "IBM Security Guardium Insights 2.0.1 could allow an attacker to obtain sensitive information or perform unauthorized actions due to improper authenciation mechanisms. IBM X-Force ID: 174403.",
"lang": "eng"
}
]
}
},
"data_version" : "4.0",
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"UI" : "N",
"PR" : "N",
"AC" : "L",
"AV" : "N",
"C" : "L",
"SCORE" : "6.500",
"A" : "N",
"S" : "U",
"I" : "L"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Bypass Security",
"lang" : "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.0.1"
}
]
},
"product_name": "Security Guardium Insights"
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6323297",
"url" : "https://www.ibm.com/support/pages/node/6323297"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174403",
"name" : "ibm-guardium-cve20204167-auth (174403)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
}
}
}
},
"data_version": "4.0",
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
},
"BM": {
"UI": "N",
"PR": "N",
"AC": "L",
"AV": "N",
"C": "L",
"SCORE": "6.500",
"A": "N",
"S": "U",
"I": "L"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Bypass Security",
"lang": "eng"
}
]
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6323297",
"url": "https://www.ibm.com/support/pages/node/6323297"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174403",
"name": "ibm-guardium-cve20204167-auth (174403)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
}
}

176
2020/4xxx/CVE-2020-4169.json
View File

@ -1,90 +1,90 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"RC" : "C",
"RL" : "O",
"E" : "U"
},
"BM" : {
"I" : "N",
"S" : "U",
"C" : "H",
"SCORE" : "5.900",
"A" : "N",
"AV" : "N",
"AC" : "H",
"UI" : "N",
"PR" : "N"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "https://www.ibm.com/support/pages/node/6323297",
"name" : "https://www.ibm.com/support/pages/node/6323297",
"refsource" : "CONFIRM",
"title" : "IBM Security Bulletin 6323297 (Security Guardium Insights)"
},
{
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174405",
"name" : "ibm-guardium-cve20204169-info-disc (174405)",
"refsource" : "XF",
"title" : "X-Force Vulnerability Report"
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Guardium Insights",
"version" : {
"version_data" : [
{
"version_value" : "2.0.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"impact": {
"cvssv3": {
"TM": {
"RC": "C",
"RL": "O",
"E": "U"
},
"BM": {
"I": "N",
"S": "U",
"C": "H",
"SCORE": "5.900",
"A": "N",
"AV": "N",
"AC": "H",
"UI": "N",
"PR": "N"
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174405.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-08-26T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4169"
},
"data_type" : "CVE"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.ibm.com/support/pages/node/6323297",
"name": "https://www.ibm.com/support/pages/node/6323297",
"refsource": "CONFIRM",
"title": "IBM Security Bulletin 6323297 (Security Guardium Insights)"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174405",
"name": "ibm-guardium-cve20204169-info-disc (174405)",
"refsource": "XF",
"title": "X-Force Vulnerability Report"
}
]
},
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Guardium Insights",
"version": {
"version_data": [
{
"version_value": "2.0.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
},
"description": {
"description_data": [
{
"value": "IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174405.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-08-26T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4169"
},
"data_type": "CVE"
}

174
2020/4xxx/CVE-2020-4171.json
View File

@ -1,90 +1,90 @@
{
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6323297",
"url" : "https://www.ibm.com/support/pages/node/6323297"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174407",
"name" : "ibm-guardium-cve20204171-info-disc (174407)"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
]
}
]
},
"impact" : {
"cvssv3" : {
"BM" : {
"AV" : "N",
"AC" : "L",
"PR" : "L",
"UI" : "N",
"I" : "N",
"S" : "U",
"C" : "L",
"SCORE" : "4.300",
"A" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"data_format" : "MITRE",
"data_version" : "4.0",
"affects" : {
"vendor" : {
"vendor_data" : [
"references": {
"reference_data": [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Guardium Insights",
"version" : {
"version_data" : [
{
"version_value" : "2.0.1"
}
]
}
}
]
}
"title": "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6323297",
"url": "https://www.ibm.com/support/pages/node/6323297"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174407",
"name": "ibm-guardium-cve20204171-info-disc (174407)"
}
]
}
},
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium Insights 2.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174407."
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"DATE_PUBLIC" : "2020-08-26T00:00:00",
"ID" : "CVE-2020-4171",
"STATE" : "PUBLIC"
}
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"impact": {
"cvssv3": {
"BM": {
"AV": "N",
"AC": "L",
"PR": "L",
"UI": "N",
"I": "N",
"S": "U",
"C": "L",
"SCORE": "4.300",
"A": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
}
},
"data_format": "MITRE",
"data_version": "4.0",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Guardium Insights",
"version": {
"version_data": [
{
"version_value": "2.0.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Guardium Insights 2.0.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 174407."
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"DATE_PUBLIC": "2020-08-26T00:00:00",
"ID": "CVE-2020-4171",
"STATE": "PUBLIC"
}
}

176
2020/4xxx/CVE-2020-4172.json
View File

@ -1,90 +1,90 @@
{
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"C" : "L",
"SCORE" : "3.700",
"A" : "N",
"S" : "U",
"I" : "N",
"PR" : "N",
"UI" : "N",
"AC" : "H",
"AV" : "N"
}
}
},
"references" : {
"reference_data" : [
{
"name" : "https://www.ibm.com/support/pages/node/6323297",
"url" : "https://www.ibm.com/support/pages/node/6323297",
"title" : "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource" : "CONFIRM"
},
{
"name" : "ibm-guardium-cve20204172-info-disc (174408)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174408",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_format" : "MITRE",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 174408."
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"version" : {
"version_data" : [
{
"version_value" : "2.0.1"
}
]
},
"product_name" : "Security Guardium Insights"
}
]
},
"vendor_name" : "IBM"
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"C": "L",
"SCORE": "3.700",
"A": "N",
"S": "U",
"I": "N",
"PR": "N",
"UI": "N",
"AC": "H",
"AV": "N"
}
]
}
},
"data_version" : "4.0",
"CVE_data_meta" : {
"ID" : "CVE-2020-4172",
"DATE_PUBLIC" : "2020-08-26T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC"
},
"data_type" : "CVE"
}
}
},
"references": {
"reference_data": [
{
"name": "https://www.ibm.com/support/pages/node/6323297",
"url": "https://www.ibm.com/support/pages/node/6323297",
"title": "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource": "CONFIRM"
},
{
"name": "ibm-guardium-cve20204172-info-disc (174408)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174408",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_format": "MITRE",
"description": {
"description_data": [
{
"lang": "eng",
"value": "IBM Security Guardium Insights 2.0.1 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 174408."
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"version": {
"version_data": [
{
"version_value": "2.0.1"
}
]
},
"product_name": "Security Guardium Insights"
}
]
},
"vendor_name": "IBM"
}
]
}
},
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-4172",
"DATE_PUBLIC": "2020-08-26T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC"
},
"data_type": "CVE"
}

174
2020/4xxx/CVE-2020-4174.json
View File

@ -1,90 +1,90 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"S" : "U",
"I" : "N",
"SCORE" : "5.900",
"AC" : "H",
"A" : "N",
"AV" : "N",
"UI" : "N",
"PR" : "N",
"C" : "H"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"CVE_data_meta" : {
"ASSIGNER" : "psirt@us.ibm.com",
"STATE" : "PUBLIC",
"ID" : "CVE-2020-4174",
"DATE_PUBLIC" : "2020-08-26T00:00:00"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "Security Guardium Insights",
"version" : {
"version_data" : [
{
"version_value" : "2.0.1"
}
]
}
}
]
},
"vendor_name" : "IBM"
"impact": {
"cvssv3": {
"BM": {
"S": "U",
"I": "N",
"SCORE": "5.900",
"AC": "H",
"A": "N",
"AV": "N",
"UI": "N",
"PR": "N",
"C": "H"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
]
}
},
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"value" : "IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174683.",
"lang" : "eng"
}
]
},
"data_type" : "CVE",
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Obtain Information"
}
}
},
"CVE_data_meta": {
"ASSIGNER": "psirt@us.ibm.com",
"STATE": "PUBLIC",
"ID": "CVE-2020-4174",
"DATE_PUBLIC": "2020-08-26T00:00:00"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Security Guardium Insights",
"version": {
"version_data": [
{
"version_value": "2.0.1"
}
]
}
}
]
},
"vendor_name": "IBM"
}
]
}
]
},
"data_format" : "MITRE",
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"name" : "https://www.ibm.com/support/pages/node/6323297",
"url" : "https://www.ibm.com/support/pages/node/6323297",
"refsource" : "CONFIRM"
},
{
"refsource" : "XF",
"name" : "ibm-guardium-cve20204174-info-disc (174683)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174683",
"title" : "X-Force Vulnerability Report"
}
]
}
}
}
},
"data_version": "4.0",
"description": {
"description_data": [
{
"value": "IBM Security Guardium Insights 2.0.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 174683.",
"lang": "eng"
}
]
},
"data_type": "CVE",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Obtain Information"
}
]
}
]
},
"data_format": "MITRE",
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"name": "https://www.ibm.com/support/pages/node/6323297",
"url": "https://www.ibm.com/support/pages/node/6323297",
"refsource": "CONFIRM"
},
{
"refsource": "XF",
"name": "ibm-guardium-cve20204174-info-disc (174683)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174683",
"title": "X-Force Vulnerability Report"
}
]
}
}

176
2020/4xxx/CVE-2020-4175.json
View File

@ -1,90 +1,90 @@
{
"data_format" : "MITRE",
"impact" : {
"cvssv3" : {
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
},
"BM" : {
"S" : "U",
"I" : "N",
"C" : "H",
"SCORE" : "5.900",
"A" : "N",
"AV" : "N",
"PR" : "N",
"UI" : "N",
"AC" : "H"
}
}
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6323297",
"url" : "https://www.ibm.com/support/pages/node/6323297"
},
{
"name" : "ibm-guardium-cve20204175-info-disc (174684)",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/174684",
"title" : "X-Force Vulnerability Report",
"refsource" : "XF"
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"value" : "Obtain Information",
"lang" : "eng"
}
]
}
]
},
"data_type" : "CVE",
"CVE_data_meta" : {
"STATE" : "PUBLIC",
"DATE_PUBLIC" : "2020-08-26T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4175"
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 174684.",
"lang" : "eng"
}
]
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Guardium Insights",
"version" : {
"version_data" : [
{
"version_value" : "2.0.1"
}
]
}
}
]
}
"data_format": "MITRE",
"impact": {
"cvssv3": {
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
},
"BM": {
"S": "U",
"I": "N",
"C": "H",
"SCORE": "5.900",
"A": "N",
"AV": "N",
"PR": "N",
"UI": "N",
"AC": "H"
}
]
}
},
"data_version" : "4.0"
}
}
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6323297",
"url": "https://www.ibm.com/support/pages/node/6323297"
},
{
"name": "ibm-guardium-cve20204175-info-disc (174684)",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/174684",
"title": "X-Force Vulnerability Report",
"refsource": "XF"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "Obtain Information",
"lang": "eng"
}
]
}
]
},
"data_type": "CVE",
"CVE_data_meta": {
"STATE": "PUBLIC",
"DATE_PUBLIC": "2020-08-26T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4175"
},
"description": {
"description_data": [
{
"value": "IBM Security Guardium Insights 2.0.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 174684.",
"lang": "eng"
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Guardium Insights",
"version": {
"version_data": [
{
"version_value": "2.0.1"
}
]
}
}
]
}
}
]
}
},
"data_version": "4.0"
}

176
2020/4xxx/CVE-2020-4603.json
View File

@ -1,90 +1,90 @@
{
"impact" : {
"cvssv3" : {
"BM" : {
"C" : "L",
"SCORE" : "3.300",
"A" : "N",
"I" : "L",
"S" : "U",
"AC" : "H",
"PR" : "H",
"UI" : "N",
"AV" : "N"
},
"TM" : {
"E" : "U",
"RC" : "C",
"RL" : "O"
}
}
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "Gain Privileges"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"title" : "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource" : "CONFIRM",
"name" : "https://www.ibm.com/support/pages/node/6323297",
"url" : "https://www.ibm.com/support/pages/node/6323297"
},
{
"refsource" : "XF",
"title" : "X-Force Vulnerability Report",
"url" : "https://exchange.xforce.ibmcloud.com/vulnerabilities/184880",
"name" : "ibm-guardium-cve20204603-improper-privs (184880)"
}
]
},
"data_format" : "MITRE",
"affects" : {
"vendor" : {
"vendor_data" : [
{
"vendor_name" : "IBM",
"product" : {
"product_data" : [
{
"product_name" : "Security Guardium Insights",
"version" : {
"version_data" : [
{
"version_value" : "2.0.1"
}
]
}
}
]
}
"impact": {
"cvssv3": {
"BM": {
"C": "L",
"SCORE": "3.300",
"A": "N",
"I": "L",
"S": "U",
"AC": "H",
"PR": "H",
"UI": "N",
"AV": "N"
},
"TM": {
"E": "U",
"RC": "C",
"RL": "O"
}
]
}
},
"description" : {
"description_data" : [
{
"value" : "IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 184880.",
"lang" : "eng"
}
]
},
"data_version" : "4.0",
"CVE_data_meta" : {
"DATE_PUBLIC" : "2020-08-26T00:00:00",
"ASSIGNER" : "psirt@us.ibm.com",
"ID" : "CVE-2020-4603",
"STATE" : "PUBLIC"
},
"data_type" : "CVE"
}
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Gain Privileges"
}
]
}
]
},
"references": {
"reference_data": [
{
"title": "IBM Security Bulletin 6323297 (Security Guardium Insights)",
"refsource": "CONFIRM",
"name": "https://www.ibm.com/support/pages/node/6323297",
"url": "https://www.ibm.com/support/pages/node/6323297"
},
{
"refsource": "XF",
"title": "X-Force Vulnerability Report",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/184880",
"name": "ibm-guardium-cve20204603-improper-privs (184880)"
}
]
},
"data_format": "MITRE",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IBM",
"product": {
"product_data": [
{
"product_name": "Security Guardium Insights",
"version": {
"version_data": [
{
"version_value": "2.0.1"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"value": "IBM Security Guardium Insights 2.0.1 performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses. IBM X-Force ID: 184880.",
"lang": "eng"
}
]
},
"data_version": "4.0",
"CVE_data_meta": {
"DATE_PUBLIC": "2020-08-26T00:00:00",
"ASSIGNER": "psirt@us.ibm.com",
"ID": "CVE-2020-4603",
"STATE": "PUBLIC"
},
"data_type": "CVE"
}