"-Synchronized-Data."

2025-08-04 08:44:25 +00:00 · 2021-01-15 19:01:45 +00:00 · 2021-01-15 19:01:45 +00:00 · 4a0574c27d
commit 4a0574c27d
parent 3f8dd208b1
2 changed files with 52 additions and 3 deletions
--- a/2020/14xxx/CVE-2020-14345.json
+++ b/2020/14xxx/CVE-2020-14345.json
@ -73,6 +73,11 @@
                "refsource": "MISC",
                "name": "https://www.zerodayinitiative.com/advisories/ZDI-20-1416/",
                "url": "https://www.zerodayinitiative.com/advisories/ZDI-20-1416/"
+            },
+            {
+                "refsource": "MLIST",
+                "name": "[oss-security] 20210115 Re: [vs] Cinnamon lock screen bypass in multiple distributions",
+                "url": "http://www.openwall.com/lists/oss-security/2021/01/15/1"
            }
        ]
    },
--- a/2020/24xxx/CVE-2020-24641.json
+++ b/2020/24xxx/CVE-2020-24641.json
@ -4,14 +4,58 @@
    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2020-24641",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "security-alert@hpe.com",
+        "STATE": "PUBLIC"
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "n/a",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Aruba AirWave Glass Software",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_value": "Prior to 1.3.3"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "Remote Authentication Bypass via Unauthenticated Server-Side Request Forgery"
+                    }
+                ]
+            }
+        ]
+    },
+    "references": {
+        "reference_data": [
+            {
+                "refsource": "MISC",
+                "name": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-001.txt",
+                "url": "https://www.arubanetworks.com/assets/alert/ARUBA-PSA-2021-001.txt"
+            }
+        ]
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "In Aruba AirWave Glass before 1.3.3, there is a Server-Side Request Forgery vulnerability through an unauthenticated endpoint that if successfully exploited can result in disclosure of sensitive information. This can be used to perform an authentication bypass and ultimately gain administrative access on the web administrative interface."
            }
        ]
    }